authenticateCachedUsersList()
{
auto aucp_compare = [=](const Auth::User::Pointer lhs, const Auth::User::Pointer rhs) {
- return lhs->SBUserKey() < rhs->SBUserKey();
+ return lhs->SBufUserKey() < rhs->SBufUserKey();
};
- std::vector<Auth::User::Pointer> v1, v2, rv;
- auto u1 = Auth::Basic::User::Cache()->sortedUsersList();
- auto u2 = Auth::Digest::User::Cache()->sortedUsersList();
+ std::vector<Auth::User::Pointer> v1, v2, rv, u1, u2;
+ if (Auth::Config::Find("basic") != nullptr)
+ u1 = Auth::Basic::User::Cache()->sortedUsersList();
+ if (Auth::Config::Find("digest") != nullptr)
+ u2 = Auth::Digest::User::Cache()->sortedUsersList();
v1.reserve(u1.size()+u2.size());
std::merge(u1.begin(), u1.end(),u2.begin(), u2.end(),
std::back_inserter(v1), aucp_compare);
- u1 = Auth::Negotiate::User::Cache()->sortedUsersList();
- u2 = Auth::Ntlm::User::Cache()->sortedUsersList();
+ if (Auth::Config::Find("negotiate") != nullptr)
+ u1 = Auth::Negotiate::User::Cache()->sortedUsersList();
+ if (Auth::Config::Find("ntlm") != nullptr)
+ u2 = Auth::Ntlm::User::Cache()->sortedUsersList();
v2.reserve(u1.size()+u2.size());
std::merge(u1.begin(), u1.end(),u2.begin(), u2.end(),
std::back_inserter(v2), aucp_compare);
/// \ingroup AuthAPI
void authenticateOnCloseConnection(ConnStateData * conn);
-/// \ingroup AuthAPI
std::vector<Auth::User::Pointer> authenticateCachedUsersList();
#endif /* USE_AUTH */
// NP: key is set at the same time as username_. Until then both are empty/NULL.
const char *userKey() {return !userKey_.isEmpty() ? userKey_.c_str() : NULL;}
// user key as a SBuf
- const SBuf SBUserKey() { return userKey_;}
+ const SBuf SBufUserKey() const {return userKey_;}
/**
* How long these credentials are still valid for.
virtual void addToNameCache() = 0;
static void UsernameCacheStats(StoreEntry * output);
- static CbcPointer<Auth::UserNameCache> Cache(); //must be implemented in subclasses
+ // userKey ->Auth::User::Pointer cache
+ // must be reimplemented in subclasses
+ static CbcPointer<Auth::UserNameCache> Cache();
CredentialState credentials() const;
void credentials(CredentialState);
* Please see the COPYING and CONTRIBUTORS files for details.
*/
-/* debug section 29 */
+/* DEBUG: section 29 Authenticator */
#include "squid.h"
#include "auth/UserNameCache.h"
-#include "acl/Gadgets.h" //for aclCacheMatchFlush
+#include "acl/Gadgets.h"
#include "Debug.h"
#include "event.h"
#include "SquidConfig.h"
void
UserNameCache::insert(Auth::User::Pointer anAuth_user)
{
- debugs(29, 6, "adding " << anAuth_user->SBUserKey());
- store_[anAuth_user->SBUserKey()] = anAuth_user;
+ debugs(29, 6, "adding " << anAuth_user->SBufUserKey());
+ store_[anAuth_user->SBufUserKey()] = anAuth_user;
}
// generates the list of cached usernames in a format that is convenient
std::transform(store_.begin(), store_.end(), rv.begin(),
[](StoreType::value_type v) { return v.second; }
);
- sort(rv.begin(), rv.end(),
+ std::sort(rv.begin(), rv.end(),
[](const Auth::User::Pointer &lhs, const Auth::User::Pointer &rhs) {
return strcmp(lhs->username(), rhs->username()) < 0;
}
{
debugs(29, 5, "Reconfiguring username cache " << cachename);
for (auto i : store_) {
- aclCacheMatchFlush(&i.second->proxy_match_cache); //flush
+ aclCacheMatchFlush(&i.second->proxy_match_cache);
}
}
* Please see the COPYING and CONTRIBUTORS files for details.
*/
-#ifndef SQUID_USERNAMECACHE_H_
-#define SQUID_USERNAMECACHE_H_
+#ifndef SQUID_SRC_AUTH_UERNAMECACHE_H
+#define SQUID_SRC_AUTH_UERNAMECACHE_H
#include "SBufAlgos.h"
#include "auth/User.h"
/** Cache of Auth::User::Pointer, keyed by Auth::User::userKey
*
- * It's meant to be used as a per-authentication protocol cache,
- * cleaning up objects which are past authenticate_ttl life
+ * \returns a pointer to cached credentials, or nullptr if none found
*/
class UserNameCache : public RegisteredRunner
{
*/
std::vector<Auth::User::Pointer> sortedUsersList() const;
- /// RegisteredRunner API
+ /* RegisteredRunner API */
virtual void endingShutdown() override;
virtual void syncConfig() override;
// for logs, events etc.
const char *cachename;
- // must be unique to the cache and valid for the object's lifetime
+ // c_str() raw pointer is used in event. std::string must not reallocate
+ // after ctor and until shutdown
+ // must be unique
std::string cacheCleanupEventName;
};
} /* namespace Auth */
-#endif /* SQUID_USERNAMECACHE_H_ */
+
+#endif /* SQUID_SRC_AUTH_UERNAMECACHE_H */
/* now lookup and see if we have a matching auth_user structure in memory. */
Auth::User::Pointer auth_user;
- if (!(auth_user = Auth::Basic::User::Cache()->lookup(lb->SBUserKey()))) {
+ if (!(auth_user = Auth::Basic::User::Cache()->lookup(lb->SBufUserKey()))) {
/* the user doesn't exist in the username cache yet */
/* save the credentials */
debugs(29, 9, HERE << "Creating new user '" << lb->username() << "'");
passwd(NULL),
queue(NULL),
currentRequest(NULL)
-{
-}
+{}
Auth::Basic::User::~User()
{
void updateCached(User *from);
virtual int32_t ttl() const;
- // userKey ->Auth::User::Pointer cache
+ /* Auth::User API */
static CbcPointer<Auth::UserNameCache> Cache();
virtual void addToNameCache() override;
User(Auth::Config *, const char *requestRealm);
~User();
int authenticated() const;
-
virtual int32_t ttl() const;
+ /* Auth::User API */
static CbcPointer<Auth::UserNameCache> Cache();
virtual void addToNameCache() override;
~User();
virtual int32_t ttl() const;
+ /* Auth::User API */
static CbcPointer<Auth::UserNameCache> Cache();
virtual void addToNameCache() override;
-
dlink_list proxy_auth_list;
};
/* connection is authenticated */
debugs(29, 4, HERE << "authenticated user " << auth_user_request->user()->username());
auto local_auth_user = lm_request->user();
- auto cached_user = Auth::Negotiate::User::Cache()->lookup(auth_user_request->user()->SBUserKey());
+ auto cached_user = Auth::Negotiate::User::Cache()->lookup(auth_user_request->user()->SBufUserKey());
if (!cached_user) {
local_auth_user->addToNameCache();
} else {
CbcPointer<Auth::UserNameCache>
Auth::Ntlm::User::Cache()
{
- static CbcPointer<Auth::UserNameCache> p(new Auth::UserNameCache("basic"));
+ static CbcPointer<Auth::UserNameCache> p(new Auth::UserNameCache("ntlm"));
return p;
}
public:
User(Auth::Config *, const char *requestRealm);
~User();
-
virtual int32_t ttl() const;
+ /* Auth::User API */
static CbcPointer<Auth::UserNameCache> Cache();
virtual void addToNameCache() override;
} // namespace Auth
#endif /* _SQUID_AUTH_NTLM_USER_H */
-
debugs(29, 4, HERE << "authenticated user " << auth_user_request->user()->username());
/* see if this is an existing user */
auto local_auth_user = lm_request->user();
- auto cached_user = Auth::Ntlm::User::Cache()->lookup(auth_user_request->user()->SBUserKey());
+ auto cached_user = Auth::Ntlm::User::Cache()->lookup(auth_user_request->user()->SBufUserKey());
if (!cached_user) {
local_auth_user->addToNameCache();
} else {
projects / thirdparty / squid.git / commitdiff
