qpid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From astitc...@apache.org
Subject [1/3] qpid-proton git commit: PROTON-1239: Add accessor to connection for authenticated user. - Also had to fix pn_transport_get_user() to act correctly on a server where sasl parameters were set but sasl itself was not required.
Date Thu, 14 Jul 2016 19:42:19 GMT
Repository: qpid-proton
Updated Branches:
  refs/heads/master f13715149 -> 4a6010110


PROTON-1239: Add accessor to connection for authenticated user.
- Also had to fix pn_transport_get_user() to act correctly on a server
  where sasl parameters were set but sasl itself was not required.


Project: http://git-wip-us.apache.org/repos/asf/qpid-proton/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-proton/commit/0340eab4
Tree: http://git-wip-us.apache.org/repos/asf/qpid-proton/tree/0340eab4
Diff: http://git-wip-us.apache.org/repos/asf/qpid-proton/diff/0340eab4

Branch: refs/heads/master
Commit: 0340eab4977c8a12250b0686c3f008a6da86689e
Parents: 391685a
Author: Andrew Stitcher <astitcher@apache.org>
Authored: Fri Jul 1 18:53:46 2016 -0400
Committer: Andrew Stitcher <astitcher@apache.org>
Committed: Thu Jul 14 15:17:43 2016 -0400

----------------------------------------------------------------------
 .../bindings/cpp/include/proton/connection.hpp    |  4 ++++
 proton-c/bindings/cpp/src/connection.cpp          |  4 ++++
 proton-c/src/transport/transport.c                | 18 +++++++++++++++---
 3 files changed, 23 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/0340eab4/proton-c/bindings/cpp/include/proton/connection.hpp
----------------------------------------------------------------------
diff --git a/proton-c/bindings/cpp/include/proton/connection.hpp b/proton-c/bindings/cpp/include/proton/connection.hpp
index aa8ebc6..b4a0767 100644
--- a/proton-c/bindings/cpp/include/proton/connection.hpp
+++ b/proton-c/bindings/cpp/include/proton/connection.hpp
@@ -76,6 +76,10 @@ PN_CPP_CLASS_EXTERN connection : public internal::object<pn_connection_t>,
publi
     /// Return the container ID for the connection.
     PN_CPP_EXTERN std::string container_id() const;
 
+    /// Return authenticated user for the connection
+    /// Note: The value returned is not stable until the on_transport_open event is received
+    PN_CPP_EXTERN std::string user() const;
+
     /// Open the connection.
     ///
     /// @see endpoint_lifecycle

http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/0340eab4/proton-c/bindings/cpp/src/connection.cpp
----------------------------------------------------------------------
diff --git a/proton-c/bindings/cpp/src/connection.cpp b/proton-c/bindings/cpp/src/connection.cpp
index e550cb3..8acf163 100644
--- a/proton-c/bindings/cpp/src/connection.cpp
+++ b/proton-c/bindings/cpp/src/connection.cpp
@@ -70,6 +70,10 @@ std::string connection::container_id() const {
     return str(pn_connection_get_container(pn_object()));
 }
 
+std::string connection::user() const {
+    return str(pn_transport_get_user(pn_connection_transport(pn_object())));
+}
+
 container& connection::container() const {
     class container* c = connection_context::get(pn_object()).container;
     if (!c) {

http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/0340eab4/proton-c/src/transport/transport.c
----------------------------------------------------------------------
diff --git a/proton-c/src/transport/transport.c b/proton-c/src/transport/transport.c
index 0d77977..07ee1f6 100644
--- a/proton-c/src/transport/transport.c
+++ b/proton-c/src/transport/transport.c
@@ -587,9 +587,21 @@ void pn_transport_set_server(pn_transport_t *transport)
 const char *pn_transport_get_user(pn_transport_t *transport)
 {
   assert(transport);
-  if (!transport->sasl) return "anonymous";
-
-  return pn_sasl_get_user((pn_sasl_t *)transport);
+  // Client - just return whatever we gave to sasl
+  if (!transport->server) {
+    if (transport->sasl) return pn_sasl_get_user((pn_sasl_t *)transport);
+    return "anonymous";
+  }
+
+  // Server
+  // Not finished authentication yet
+  if (!(transport->present_layers & LAYER_AMQP1)) return 0;
+  // We have SASL so it takes precedence
+  if (transport->present_layers & LAYER_AMQPSASL) return pn_sasl_get_user((pn_sasl_t
*)transport);
+  // No SASL but we may have a SSL remote_subject
+  if (transport->present_layers & (LAYER_AMQPSSL | LAYER_SSL)) return pn_ssl_get_remote_subject((pn_ssl_t
*)transport);
+  // otherwise it's just an unauthenticated anonymous connection
+  return "anonymous";
 }
 
 void pn_transport_require_auth(pn_transport_t *transport, bool required)


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org


Mime
View raw message