C H A P T E R 2
Working with Nodes
If the authentication methods that an authentication authority implements are known, the authentication authority may be used to deduce those authentication methods that are available for a user. Note, however, that it is possible to disable hash storage on a
Directory Native Authentication
The sample code Listing
Listing | Authenticating using directory native authentication | |
Bool DoNodeNativeAuthentication ( | const tDirReference inDirRef, | |
| const | tDirNodeReference inDirNodeRef, |
| const | char *inUserName, |
| const | char *inUserPassword ) |
{ |
|
|
//Native authentication is a one step authentication scheme.
//Step 1
//Send: <length><recordname>
//<length><cleartextpassword>
//Receive: success or failure.
tDataNodePtr anAuthType2Use = NULL; tDataBufferPtr anAuthDataBuf = NULL; tDataBufferPtr aAuthRespBuf = NULL; tDirStatus aDirErr = eDSNoErr; tContextData aContinueData = NULL; long aDataBufSize = 0;
long aTempLength = 0; long aCurLength = 0; bool aResult = false;
//First, specify the type of authentication. anAuthType2Use =
dsDataNodeAllocateString(inDirRef,kDSStdAuthNodeNativeClearTextOK);
//The following is an optional method of authentication that allows the
//
//"restrict" the authentication request to be "secure" and not use
//cleartext. Both authentication methods take the same buffer arguments. /* anAuthType2Use = dsDataNodeAllocate(inDirRef,
kDSStdAuthNodeNativeNoClearText); */
aDataBufSize += sizeof(long) + ::strlen(inUserName); aDataBufSize += sizeof(long) + ::strlen(inUserPassword); anAuthDataBuf = dsDataBufferAllocate(inDirRef, aDataBufSize); aAuthRespBuf = dsDataBufferAllocate(inDirRef, 512); // For the response.
//Put all of the authentication arguments into the data buffer. aTempLength
sizeof(long));
aCurLength +=
aTempLength = ::strlen(inUserPassword);
30Authenticating a User to a Node
