// NOTE(review): this is a numbered listing of a header. The embedded line numbers skip
// values, so some declarations (and the closing brace of each type) are not shown here.
76 #ifdef epicsExportSharedSymbols 77 # define securityEpicsExportSharedSymbols 78 # undef epicsExportSharedSymbols 83 #include <epicsMutex.h> 85 #include <pv/status.h> 86 #include <pv/pvData.h> 87 #include <pv/sharedPtr.h> 89 #ifdef securityEpicsExportSharedSymbols 90 # define epicsExportSharedSymbols 91 # undef securityEpicsExportSharedSymbols 94 #include <pv/pvaDefs.h> 95 #include <pv/pvaConstants.h> 96 #include <pv/serializationHelper.h> 97 #include <pv/logger.h> 119 struct epicsShareClass PeerInfo {
// PeerInfo carries information about a peer. It is the object handed to
// AuthenticationPlugin::isValidFor()/createSession(),
// AuthenticationPluginControl::authenticationCompleted() and
// AuthorizationPlugin::authorize() declared further down.
120 POINTER_DEFINITIONS(PeerInfo);
// Class-wide counter; presumably the number of live PeerInfo objects (confirm in the implementation).
122 static size_t num_instances;
// Presumably the transport protocol the peer is connected over (confirm).
125 std::string transport;
// Presumably the name of the authentication mechanism that established this identity (confirm).
// NOTE(review): access-control decisions are likely to key on this field; confirm which
// code paths are allowed to set it.
126 std::string authority;
// Auxiliary structure attached to the peer. Nothing visible here guarantees it is non-null,
// so consumers should check before dereferencing (TODO confirm).
131 pvData::PVStructure::const_shared_pointer aux;
// Type used for sets of role names; osdGetRoles() takes a roles_t by non-const reference.
133 typedef std::set<std::string> roles_t;
// Unsigned version number associated with the transport; exact meaning not visible here.
137 unsigned transportVersion;
// Base class for one authentication exchange, returned by
// AuthenticationPlugin::createSession(). Every hook shown has a default
// implementation, so a subclass overrides only what it needs.
151 class epicsShareClass AuthenticationSession
154 POINTER_DEFINITIONS(AuthenticationSession);
156 virtual ~AuthenticationSession();
// Default implementation returns a default-constructed (null) structure pointer.
// Presumably the data a session wants sent when it starts (confirm).
160 virtual epics::pvData::PVStructure::const_shared_pointer initializationData()
161 {
return epics::pvData::PVStructure::const_shared_pointer(); }
// Default implementation ignores the message.
// NOTE(review): `data` presumably originates from the remote side of the connection;
// overrides should validate field presence and types before use (confirm the caller).
166 virtual void messageReceived(epics::pvData::PVStructure::const_shared_pointer
const & data) {}
// Default implementation ignores the result. `status` reports the outcome of authentication.
172 virtual void authenticationComplete(
const epics::pvData::Status& status) {}
// Pure-virtual callback interface passed to AuthenticationPlugin::createSession()
// as `control`. Presumably implemented by the transport so a session can talk
// back to it (confirm).
176 class epicsShareClass AuthenticationPluginControl
179 POINTER_DEFINITIONS(AuthenticationPluginControl);
180 virtual ~AuthenticationPluginControl();
// Hands a plugin-defined structure to the implementer; presumably forwarded to the peer (confirm).
184 virtual void sendSecurityPluginMessage(epics::pvData::PVStructure::const_shared_pointer
const & data) = 0;
// Reports the final authentication result together with the PeerInfo it applies to.
// NOTE(review): implementers should check `status` before trusting anything in `peer`;
// whether `peer` may be null on failure is not visible here.
193 virtual void authenticationCompleted(
const epics::pvData::Status& status,
194 const std::tr1::shared_ptr<PeerInfo>& peer) = 0;
// Factory interface for an authentication mechanism. Instances are registered
// with AuthenticationRegistry under a priority and a name.
198 class epicsShareClass AuthenticationPlugin
201 POINTER_DEFINITIONS(AuthenticationPlugin);
202 virtual ~AuthenticationPlugin();
// Reports whether this plugin may be used for `peer`.
// The default accepts every peer (returns true). A plugin that must be restricted,
// for example to particular transports, has to override this; otherwise it is
// treated as applicable to every peer.
209 virtual bool isValidFor(
const PeerInfo& peer)
const {
return true; }
// Creates the session object that will carry out authentication for `peer`.
// `control` is the callback interface the session uses to send messages and to
// report completion. `data` is passed as a mutable structure pointer; presumably
// the initialization data supplied by the other side (confirm, and validate it
// before use if so).
220 virtual std::tr1::shared_ptr<AuthenticationSession> createSession(
221 const std::tr1::shared_ptr<PeerInfo>& peer,
222 std::tr1::shared_ptr<AuthenticationPluginControl>
const & control,
223 epics::pvData::PVStructure::shared_pointer
const & data) = 0;
// Registry of AuthenticationPlugin instances. Two process-wide registries are
// reachable through clients() and servers(). The class is declared non-copyable.
228 class epicsShareClass AuthenticationRegistry
230 EPICS_NOT_COPYABLE(AuthenticationRegistry)
232 POINTER_DEFINITIONS(AuthenticationRegistry);
// Maps an int key to a (name, plugin) pair; the key presumably is the `prio`
// given to add() (confirm in the implementation).
235 typedef std::map<
int, std::pair<std::string, AuthenticationPlugin::shared_pointer> > map_t;
// Presumably guards the plugin map; declared mutable so const members can lock it (confirm).
237 mutable epicsMutex mutex;
// Sequence of (name, plugin) pairs, the output type of snapshot().
239 typedef std::vector<map_t::mapped_type> list_t;
// Accessor for the registry of client-side plugins.
242 static AuthenticationRegistry& clients();
// Accessor for the registry of server-side plugins.
244 static AuthenticationRegistry& servers();
246 AuthenticationRegistry() {}
247 ~AuthenticationRegistry();
// Writes the registered (name, plugin) pairs into `plugmap`. Ordering and whether
// `plugmap` is cleared first are not visible here.
250 void snapshot(list_t& plugmap)
const;
// Registers `plugin` under `name` with priority `prio`.
// NOTE(review): behaviour for a duplicate `prio` or `name` is not visible in this listing.
// Registration determines which mechanisms can be used at all, so it is worth checking
// which code is able to call this.
258 void add(
int prio,
const std::string& name,
const AuthenticationPlugin::shared_pointer& plugin);
// Removes `plugin`; the bool presumably reports whether it was registered (confirm).
260 bool remove(
const AuthenticationPlugin::shared_pointer& plugin);
// Looks up a plugin by name. The result for an unknown name is not visible here;
// callers should handle a null pointer (TODO confirm).
263 AuthenticationPlugin::shared_pointer lookup(
const std::string& name)
const;
// Interface for a plugin that takes part in authorization of a peer.
// Instances are registered with AuthorizationRegistry.
268 class epicsShareClass AuthorizationPlugin
271 POINTER_DEFINITIONS(AuthorizationPlugin);
273 virtual ~AuthorizationPlugin();
// Called with the peer to authorize. The PeerInfo is passed as a pointer to a
// non-const object, so an implementation is able to modify it. Presumably it
// fills in role information (confirm).
// NOTE(review): the return type is void, so a denial cannot be signalled through
// the return value. How a plugin rejects a peer is not visible in this listing.
276 virtual void authorize(
const std::tr1::shared_ptr<PeerInfo>& peer) =0;
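// Registry of AuthorizationPlugin instances, reachable through plugins().
// The class is declared non-copyable.
279 class epicsShareClass AuthorizationRegistry
281 EPICS_NOT_COPYABLE(AuthorizationRegistry)
// The macro argument must name the enclosing class so that the pointer typedefs
// it generates refer to AuthorizationRegistry, not to the authentication registry.
283 POINTER_DEFINITIONS(AuthorizationRegistry);
// Accessor for the process-wide authorization plugin registry.
285 static AuthorizationRegistry &plugins();
287 AuthorizationRegistry();
288 ~AuthorizationRegistry();
// Maps an int key to a plugin; the key presumably is the `prio` given to add() (confirm).
291 typedef std::map<
int, AuthorizationPlugin::shared_pointer> map_t;
// Presumably guards the plugin map; declared mutable so const members can lock it (confirm).
294 mutable epicsMutex mutex;
// Registers `plugin` with priority `prio`. Behaviour for a duplicate `prio` is not visible here.
297 void add(
int prio,
const AuthorizationPlugin::shared_pointer& plugin);
// Removes `plugin`; the bool presumably reports whether it was registered (confirm).
298 bool remove(
const AuthorizationPlugin::shared_pointer& plugin);
// Runs authorization for `peer`; presumably calls authorize() on the registered
// plugins (confirm the order and what happens if one throws).
299 void run(
const std::tr1::shared_ptr<PeerInfo>& peer);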
// Declaration only. Takes an account name and a role set by non-const reference,
// presumably filling `roles` with the roles (e.g. OS groups) of `account`; the
// "osd" prefix suggests an OS-dependent implementation (confirm).
// NOTE(review): `account` is likely a peer-asserted name when authentication is weak;
// confirm that callers only derive roles for accounts an authentication plugin has verified.
307 void osdGetRoles(
const std::string &account, PeerInfo::roles_t& roles);