Apple OS X Server User Manual

Open as PDF

of 44

If the authentication methods that an authentication authority implements are known, the authentication

authority may be used to deduce those authentication methods that are available for a user. Note, however,

that it is possible to disable hash storage on a per-user basis, which has the effect of disabling some

authentication methods that would otherwise be available.

Directory Native Authentication

The sample code Listing 2-4 (page 30) demonstrates directory native authentication. In the sample code,

the inDirNodeRef parameter contains a node reference for the node, inUserName parameter contains the

user name that is to be authenticated to the node, the inUserPassword contains the password in cleartext

that is to be used to authenticate the user name.

Listing 2-4 Authenticating using directory native authentication

Bool DoNodeNativeAuthentication ( const tDirReference inDirRef,

const tDirNodeReference inDirNodeRef,

const char *inUserName,

const char *inUserPassword )

{

// Native authentication is a one step authentication scheme.

// Step 1

// Send: <length><recordname>

// <length><cleartextpassword>

// Receive: success or failure.

tDataNodePtr anAuthType2Use = NULL;

tDataBufferPtr anAuthDataBuf = NULL;

tDataBufferPtr aAuthRespBuf = NULL;

tDirStatus aDirErr = eDSNoErr;

tContextData aContinueData = NULL;

long aDataBufSize = 0;

long aTempLength = 0;

long aCurLength = 0;

bool aResult = false;

// First, specify the type of authentication.

anAuthType2Use =

dsDataNodeAllocateString(inDirRef,kDSStdAuthNodeNativeClearTextOK);

// The following is an optional method of authentication that allows the

// plug-in to choose the authentication method, but the client can

// "restrict" the authentication request to be "secure" and not use

// cleartext. Both authentication methods take the same buffer arguments.

/* anAuthType2Use = dsDataNodeAllocate(inDirRef,

kDSStdAuthNodeNativeNoClearText); */

aDataBufSize += sizeof(long) + ::strlen(inUserName);

aDataBufSize += sizeof(long) + ::strlen(inUserPassword);

anAuthDataBuf = dsDataBufferAllocate(inDirRef, aDataBufSize);

aAuthRespBuf = dsDataBufferAllocate(inDirRef, 512); // For the response.

// Put all of the authentication arguments into the data buffer.

aTempLength = ::strlen(inUserName);

::memcpy(&(anAuthDataBuf->fBufferData[aCurLength]), &aTempLength,

sizeof(long));

aCurLength += sizeof(long);

::memcpy(&(anAuthDataBuf->fBufferData[aCurLength]), inUserName, aTempLength);

aCurLength += aTempLength;

aTempLength = ::strlen(inUserPassword);

Authenticating a User to a Node

CHAPTER 2

Working with Nodes

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Apple OS X Server User Manual