class for authenticating with standard Qorus RBAC authentication
More...
|
bool | requiresAuthentication () |
| called to check if the connection requires authentication More...
|
|
string | getRealm () |
| returns the authentication realm as a string More...
|
|
*hash< HttpResponseInfo > | authenticateRequest (HttpListenerInterface listener, hash< auto > hdr, reference< hash > cx) |
| primary method called to authenticate each request More...
|
|
| authenticate (string user, string pass="") |
| called to authenticate a user for a connection More...
|
|
| authenticateByIP (string ip, reference< string > user) |
| called when the connection requires authentication, but no authentication credentials were supplied, to try to authenticate the connection based on the source IP address More...
|
|
|
hash< auto > | getAuthHeader (*hash< auto > cx) |
| can be overridden to return a header with 401 Unauthorized responses More...
|
|
class for authenticating with standard Qorus RBAC authentication
- See also
-
◆ authenticate()
OMQ::DefaultQorusRBACAuthenticator::authenticate |
( |
string |
user, |
|
|
string |
pass = "" |
|
) |
| |
called to authenticate a user for a connection
This method will only be called if requiresAuthentication() returns True
- Parameters
-
user | the username to authenticate |
pass | the password for the user |
- Exceptions
-
AUTHENTICATION-ERROR | the user cannot be authenticated |
◆ authenticateByIP()
OMQ::DefaultQorusRBACAuthenticator::authenticateByIP |
( |
string |
ip, |
|
|
reference< string > |
user |
|
) |
| |
called when the connection requires authentication, but no authentication credentials were supplied, to try to authenticate the connection based on the source IP address
This method will only be called if requiresAuthentication() returns True and no authentication credentials are supplied with the request
- Parameters
-
ip | the IP address of the source connection |
user | a reference to a string that will be populated with the username to use if the request can be authenticated based on the source IP address |
- Exceptions
-
AUTHENTICATION-ERROR | the user cannot be authenticated |
- See also
- qorus.rbac-force-user
◆ authenticateRequest()
*hash< HttpResponseInfo > OMQ::DefaultQorusRBACAuthenticator::authenticateRequest |
( |
HttpListenerInterface |
listener, |
|
|
hash< auto > |
hdr, |
|
|
reference< hash > |
cx |
|
) |
| |
primary method called to authenticate each request
- Parameters
-
listener | an HttpListenerInterface object for the listener serving the request for logging purposes |
hdr | a hash of request headers |
cx | a reference to the call context hash; set the "user" key to the user name if a user was identified and authorized; this hash will have the following keys:
header-info : a hash of information about the request header with the following keys:
request-uri : gives the request URI in an HTTP request
body-content-type : this is the "Content-Type" header without any charset declaration
charset: if there is a charset declaration in the "Content-Type" header, the value is returned in this key
close: set to True if the connection should be closed after responding, False if not (as derived from the request header)
accept-charset : this key will be set to an appropriate value from any "Accept-Charset" header; if any of "*" , "utf8" , or "utf-8" are present, then this will be set to "utf8" , otherwise it will be set to the first requested character encoding in the list
accept-encoding : a hash where keys are values from any "Accept-Encoding" header and the values are True
socket: the bind address used to bind the listener ("socket-info" provides more detailed information)
socket-info : a hash of socket information for the listening socket (as returned by Qore::Socket::getSocketInfo())
peer-info : a hash of socket information for the remote socket (as returned by Qore::Socket::getPeerInfo())
url: a hash of broken-down URL information (as returned from Qore::parse_url())
id: the unique HTTP connection ID
ssl: True if the request was encrypted with HTTPS, False if not
listener-id : the HTTP server listener ID (see HttpServer::getListenerInfo())
user: the current RBAC username (if any)
root_path: the root URL path matched if the request was matched by a URL prefix
|
- Returns
- returns NOTHING if there were no errors, otherwise returns a hash with the following keys to indicate an authentication or authorization error:
"code"
: the HTTP response code
"body"
: the error message body
"hdr"
: an optional hash of headers for the error response
Authentication is performed according to Qorus system configuration.
- See also
-
◆ getAuthHeader()
hash< auto > OMQ::DefaultQorusRBACAuthenticator::getAuthHeader |
( |
*hash< auto > |
cx | ) |
|
|
private |
can be overridden to return a header with 401 Unauthorized
responses
- Returns
- an empty hash
For example to return a header that tells the caller to require basic authentication (which will cause web browsers to show a dialog box asking for a username and password before repeating the request); use the following:
return {
"WWW-Authenticate": sprintf(
"Basic realm=%y",
getRealm())};
}
string getRealm()
returns the authentication realm as a string
hash< auto > getAuthHeader()
◆ getRealm()
string OMQ::DefaultQorusRBACAuthenticator::getRealm |
( |
| ) |
|
returns the authentication realm as a string
- Returns
- the authentication realm as a string; the value returned is
"Qorus Integration Engine"
◆ requiresAuthentication()
bool OMQ::DefaultQorusRBACAuthenticator::requiresAuthentication |
( |
| ) |
|
called to check if the connection requires authentication
- Returns
- True if authentication is enabled, False if not
- See also
- qorus.rbac-security
The documentation for this class was generated from the following files:
- QorusClientCore.qm
- DefaultQorusRBACAuthenticator.qc