Barracuda Application Server C/C++ Reference
Please see Authenticating and authorizing users for an introduction to the classes in the Authentication group.
Classes | |
struct | AuthorizerIntf |
An abstract class, which you must implement, provides a method of authorizing an authenticated user. More... | |
struct | UserIntf |
Interface class used by the Authentication classes. More... | |
struct | AuthenticatedUser |
Abstract base class implemented by BasicAuthUser, FormAuthUser and DigestAuthUser. More... | |
struct | AuthenticatorIntf |
Abstract interface class implemented by BasicAuthenticator, FormAuthenticator and DigestAuthenticator. More... | |
struct | LoginRespIntf |
The LoginRespIntf is an abstract class, which must be implemented when using one of DigestAuthenticator, BasicAuthenticator, and FormAuthenticator. More... | |
struct | AuthInfo |
An instance of the AuthInfo struct is created on the stack in the Barracuda authenticators and is used as a container object for sending information to the registered user callback methods. More... | |
struct | LoginTrackerIntf |
The interface between the LoginTracker and the application code. More... | |
struct | LoginTrackerNode |
A LoginTrackerNode keeps track of how many times a user using a specific IP address has attempted to login to the server. More... | |
struct | LoginTracker |
The LoginTracker class is an optional security enhancement that can be installed in an instance of one of the authenticator classes. More... | |
struct | Authenticator |
This class implements HTTP Basic, HTTP Digest, and Form-Based Authentication. More... | |
struct | BasicAuthenticator |
Implements Basic Authentication. More... | |
struct | DigestAuthenticator |
Implements Digest Authentication. More... | |
struct | FormAuthenticator |
Implements Form-Based Authentication. More... | |
struct | DavAuth |
This class implements HTTP Basic and HTTP Digest authentication. More... | |
Typedefs | |
typedef BaBool(* | AuthorizerIntf_Authorize) (struct AuthorizerIntf *intf, struct AuthenticatedUser *user, HttpMethod httpMethod, const char *path) |
Prototype for the Authorize callback method. More... | |
typedef struct AuthorizerIntf | AuthorizerIntf |
An abstract class, which you must implement, provides a method of authorizing an authenticated user. | |
typedef void(* | UserIntf_GetPwd) (struct UserIntf *intf, struct AuthInfo *info) |
The GetPwd callback function searches for info->username and sets AuthInfo::password if found and/or the AuthInfo::ct parameter. More... | |
typedef struct UserIntf | UserIntf |
Interface class used by the Authentication classes. More... | |
typedef struct AuthenticatedUser | AuthenticatedUser |
Abstract base class implemented by BasicAuthUser, FormAuthUser and DigestAuthUser. More... | |
typedef AuthenticatedUser *(* | AuthenticatorIntf_Authenticate) (struct AuthenticatorIntf *super, const char *relPath, HttpCommand *cmd) |
The authenticator callback method for the abstract class AuthenticatorIntf. More... | |
typedef struct AuthenticatorIntf | AuthenticatorIntf |
Abstract interface class implemented by BasicAuthenticator, FormAuthenticator and DigestAuthenticator. | |
typedef void(* | LoginRespIntf_Service) (struct LoginRespIntf *intf, struct AuthInfo *info) |
This callback function is called if the user failed to authenticate with one of DigestAuthenticator, BasicAuthenticator, or FormAuthenticator. More... | |
typedef struct LoginRespIntf | LoginRespIntf |
The LoginRespIntf is an abstract class, which must be implemented when using one of DigestAuthenticator, BasicAuthenticator, and FormAuthenticator. More... | |
typedef struct AuthInfo | AuthInfo |
An instance of the AuthInfo struct is created on the stack in the Barracuda authenticators and is used as a container object for sending information to the registered user callback methods. | |
typedef BaBool(* | LoginTrackerIntf_Validate) (struct LoginTrackerIntf *o, AuthInfo *info, struct LoginTrackerNode *node) |
Prototype for the validate callback method. More... | |
typedef void(* | LoginTrackerIntf_Login) (struct LoginTrackerIntf *o, AuthInfo *info, struct LoginTrackerNode *node) |
Prototype for the Login tracker method. More... | |
typedef void(* | LoginTrackerIntf_LoginFailed) (struct LoginTrackerIntf *o, AuthInfo *info, struct LoginTrackerNode *node) |
Prototype for the LoginFailed callback method. More... | |
typedef void(* | LoginTrackerIntf_TerminateNode) (struct LoginTrackerIntf *o, struct LoginTrackerNode *node) |
Prototype for the TerminateNode callback method. More... | |
typedef struct LoginTrackerIntf | LoginTrackerIntf |
The interface between the LoginTracker and the application code. More... | |
typedef struct LoginTrackerNode | LoginTrackerNode |
A LoginTrackerNode keeps track of how many times a user using a specific IP address has attempted to login to the server. More... | |
typedef struct LoginTracker | LoginTracker |
The LoginTracker class is an optional security enhancement that can be installed in an instance of one of the authenticator classes. More... | |
typedef Authenticator | Authenticator |
This class implements HTTP Basic, HTTP Digest, and Form-Based Authentication. More... | |
typedef BasicAuthenticator | BasicAuthenticator |
Implements Basic Authentication. More... | |
typedef DigestAuthenticator | DigestAuthenticator |
Implements Digest Authentication. More... | |
typedef FormAuthenticator | FormAuthenticator |
Implements Form-Based Authentication. More... | |
typedef DavAuth | DavAuth |
This class implements HTTP Basic and HTTP Digest authentication. More... | |
Enumerations | |
enum | AuthenticatedUserType |
The authenticator types. | |
enum | AuthInfoCT { AuthInfoCT_Password =5 , AuthInfoCT_HA1 , AuthInfoCT_Valid , AuthInfoCT_Invalid } |
AuthInfo Credential Type can optionally be used by the UserIntf_GetPwd callback function. More... | |
Functions | |
AuthorizerIntf::AuthorizerIntf (AuthorizerIntf_Authorize authorize) | |
The constructor. More... | |
bool | AuthorizerIntf::authorize (struct AuthenticatedUser *user, HttpMethod method, const char *path) |
Returns TRUE if user is authorized. More... | |
UserIntf::UserIntf (UserIntf_GetPwd getPwd) | |
The UserIntf constructor. More... | |
static AuthenticatedUser * | AuthenticatedUser::get (HttpRequest *request) |
Returns a pointer to an instance of class AuthenticatedUser if a session object exists and if the user is authenticated, otherwise NULL is returned. More... | |
static AuthenticatedUser * | AuthenticatedUser::get (HttpSession *session) |
Returns a pointer to an instance of class AuthenticatedUser if the user is authenticated, otherwise NULL is returned. More... | |
const char * | AuthenticatedUser::getName () |
Returns the user's name. | |
HttpSession * | AuthenticatedUser::getSession () |
Get the session object. More... | |
const char * | AuthenticatedUser::getPassword () |
Returns the user's password. | |
void | AuthenticatedUser::logout (bool all=false) |
Logout user and terminate the session object. More... | |
AuthenticatedUserType | AuthenticatedUser::getType () |
Returns the authenticator type that was used to authenticate this user. More... | |
static AuthenticatedUser * | AuthenticatedUser::getAnonymous () |
non public | |
AuthenticatorIntf::AuthenticatorIntf (AuthenticatorIntf_Authenticate authenticate) | |
The constructor is used by one of the BasicAuthenticator, DigestAuthenticator or FormAuthenticator constructors. | |
AuthenticatedUser * | AuthenticatorIntf::authenticate (const char *relPath, HttpCommand *cmd) |
Authenticate the user. More... | |
LoginRespIntf::LoginRespIntf (LoginRespIntf_Service service) | |
The LoginRespIntf constructor. More... | |
LoginTrackerIntf::LoginTrackerIntf (LoginTrackerIntf_Validate validate, LoginTrackerIntf_Login login, LoginTrackerIntf_LoginFailed loginFailed, LoginTrackerIntf_TerminateNode terminateNode) | |
Create a LoginTrackerIntf. More... | |
U32 | LoginTrackerNode::getCounter () |
Returns the number of login attempts. | |
U32 | LoginTrackerNode::getAuxCounter () |
Get auxiliary counter. | |
void | LoginTrackerNode::setAuxCounter (U32 count) |
Set auxiliary counter. | |
HttpSockaddr * | LoginTrackerNode::getAddr () |
Return the HttpSockaddr. | |
void | LoginTrackerNode::setUserData (void *data) |
Store application data in this node. | |
void * | LoginTrackerNode::getUserData () |
Fetch stored application data in this node. | |
BaTime | LoginTrackerNode::getTime () |
Returns the time for the latest login attempt. | |
LoginTracker::LoginTracker (U32 noOfLoginTrackerNodes, LoginTrackerIntf *intf, AllocatorIntf *allocator=AllocatorIntf::getDefault()) | |
Create a LoginTracker instance. More... | |
void | LoginTracker::clearCache () |
Clear the LoginTrackerNode cache. | |
LoginTrackerNode * | LoginTracker::getFirstNode () |
Return first LoginTrackerNode in the cache or NULL if cache empty. | |
LoginTrackerNode * | LoginTracker::getNextNode (LoginTrackerNode *n) |
Return the next LoginTrackerNode in the cache or NULL if no more nodes. | |
LoginTrackerNode * | LoginTracker::find (HttpRequest *request) |
Find LoginTrackerNode in cache by using the IP address from the request object. More... | |
Authenticator::Authenticator (UserIntf *userDbIntf, const char *realm, LoginRespIntf *sendLogin) | |
void | Authenticator::setLoginTracker (LoginTracker *tracker) |
Prevent dictionary attacks. More... | |
BasicAuthenticator * | Authenticator::getBasicAuthenticator () |
Get the internal BasicAuthenticator. | |
DigestAuthenticator * | Authenticator::getDigestAuthenticator () |
Get the internal DigestAuthenticator. | |
FormAuthenticator * | Authenticator::getFormAuthenticator () |
Get the internal FormAuthenticator. | |
BasicAuthenticator::BasicAuthenticator (UserIntf *userDbIntf, const char *realm, LoginRespIntf *sendLogin) | |
void | BasicAuthenticator::setLoginTracker (LoginTracker *tracker) |
Prevent dictionary attacks. More... | |
static void | BasicAuthenticator::setAutHeader (const char *realm, HttpResponse *response) |
Sets a HTTP basic authenticate header and sets status to. More... | |
DigestAuthenticator::DigestAuthenticator (UserIntf *userDbIntf, const char *realm, LoginRespIntf *sendLogin) | |
void | DigestAuthenticator::setLoginTracker (LoginTracker *tracker) |
Prevent dictionary attacks. More... | |
static void | DigestAuthenticator::setAutHeader (const char *realm, HttpResponse *response) |
Sets a HTTP digest authenticate header and sets status to. More... | |
void | DigestAuthenticator::setStrictMode (bool enableStrictMode=false) |
Enable strict mode. More... | |
FormAuthenticator::FormAuthenticator (UserIntf *userDbIntf, const char *realm, LoginRespIntf *sendLogin) | |
void | FormAuthenticator::setLoginTracker (LoginTracker *tracker) |
Prevent dictionary attacks. More... | |
void | FormAuthenticator::setSecure () |
Set authenticator into secure mode and accept only SSL connections. More... | |
DavAuth::DavAuth (UserIntf *userDbIntf, const char *realm) | |
Create a DavAuth instance. More... | |
BasicAuthenticator * | DavAuth::getBasicAuth () |
Get the internal BasicAuthenticator. | |
DigestAuthenticator * | DavAuth::getDigestAuth () |
Get the internal DigestAuthenticator. | |
void | DavAuth::setLoginTracker (LoginTracker *tracker) |
Prevent dictionary attacks. More... | |
typedef struct AuthenticatedUser AuthenticatedUser |
Abstract base class implemented by BasicAuthUser, FormAuthUser and DigestAuthUser.
Please see the User Authentication documentation for more information.
typedef Authenticator Authenticator |
This class implements HTTP Basic, HTTP Digest, and Form-Based Authentication.
The Authentication class, which implements all authentication methods in the server, is very useful in a mixed client environment. A limitation with Basic and Digest authentication is that the pop-up window presented by the browser is not user friendly. Consequently, it is common to use a customizable HTML user interface for login. A non-browser client such as a C program, a Java program, or a Python script will usually not be able to display an HTML-based login user interface. For this reason, it is recommended to use Basic or Digest authentication for non-browser clients.
The Authentication class makes it possible for the client to decide on the authentication method used. The default authentication is a "form login" and will automatically be used by an HTML browser interface.
A non-HTML client can force the authentication to be one of Basic or Digest by explicitly setting the "Authorization" HTTP header. An instance of the Authentication class analyzes the "Authorization" HTTP header and forwards the request to one of Basic, Digest, or form based login classes. A non-authenticated user requesting a resource without an "Authorization" header is forwarded to the form login class.
It is very simple to use the Authentication class if you use a client HTTP library that automatically handles Digest and/or Basic authentication. You simply set the header to one of Basic or Digest and leave the implementation details to the client HTTP library.
Forcing the login to be Basic or Digest from a client using a client HTTP library:
setHttpHeader("PrefAuth", "Basic"); /* force basic authentication */
setHttpHeader("PrefAuth", "Digest"); /* force digest authentication */
Other uses for the Authentication class include use of Digest authentication for clients that can properly handle Digest authentication and use of Basic authentication for clients that cannot properly handle or do not implement Digest authentication.
typedef AuthenticatedUser *(* AuthenticatorIntf_Authenticate) (struct AuthenticatorIntf *super, const char *relPath, HttpCommand *cmd) |
The authenticator callback method for the abstract class AuthenticatorIntf.
super | a pointer to the super class. |
relPath | the URL's relative path |
cmd | The HttpRequest HttpResponse container. |
typedef BaBool(* AuthorizerIntf_Authorize) (struct AuthorizerIntf *intf, struct AuthenticatedUser *user, HttpMethod httpMethod, const char *path) |
Prototype for the Authorize callback method.
intf | The object pointer, which you must upcast to your class implementation; i.e., MySecurityRealm* o = (MySecurityRealm*)intf; |
user | A reference to the authenticated user. The method must return false if user is NULL. |
httpMethod | The HTTP method type: From HttpRequest::getMethodType |
path | the path to the requested resource. |
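A deny-by-default decision of the kind an Authorize callback makes, as an added example that is not Barracuda code. The `User`, `Method` and `Rule` types, the `RULES` table and the function names are assumptions standing in for `struct AuthenticatedUser`, `HttpMethod` and your own security realm.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Stand-in types (assumptions): the real callback receives
   struct AuthenticatedUser * and HttpMethod from the Barracuda headers. */
typedef enum { M_GET = 1, M_POST = 2, M_PUT = 4, M_DELETE = 8 } Method;
typedef struct { const char *name; } User;

typedef struct {
    const char *prefix;   /* relative path prefix, matched on '/' boundaries */
    const char *user;     /* user name this rule applies to */
    unsigned methods;     /* bit mask of allowed Method values */
} Rule;

/* Constructed sample policy. */
static const Rule RULES[] = {
    { "admin", "root",  M_GET | M_POST | M_PUT | M_DELETE },
    { "files", "alice", M_GET | M_PUT },
    { "files", "bob",   M_GET },
};

/* 1 if path equals prefix or continues it at a '/' boundary, so the
   "files" rule does not also cover "filesystem". */
static int under(const char *path, const char *prefix) {
    size_t n = strlen(prefix);
    return strncmp(path, prefix, n) == 0 && (path[n] == '\0' || path[n] == '/');
}

/* Deny unless a rule explicitly allows this user, method and path. */
int authorize(const User *user, Method method, const char *path) {
    if (!user || !user->name || !path) return 0;  /* NULL user: always deny */
    if (strstr(path, "..")) return 0;  /* conservative: refuse dot-dot paths */
    for (size_t i = 0; i < sizeof RULES / sizeof RULES[0]; i++) {
        const Rule *r = &RULES[i];
        if (under(path, r->prefix) && strcmp(user->name, r->user) == 0
            && (r->methods & (unsigned)method))
            return 1;
    }
    return 0;
}

int main(void) {
    User bob = { "bob" };
    printf("bob GET files/a.txt -> %d\n", authorize(&bob, M_GET, "files/a.txt"));
    printf("bob PUT files/a.txt -> %d\n", authorize(&bob, M_PUT, "files/a.txt"));
    printf("anonymous GET files -> %d\n", authorize(NULL, M_GET, "files"));
    return 0;
}
```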
typedef BasicAuthenticator BasicAuthenticator |
Implements Basic Authentication.
Please see the User Authentication documentation for more information.
typedef DavAuth DavAuth |
This class implements HTTP Basic and HTTP Digest authentication.
The client selects the HTTP authentication method it wants to use. The authenticator also handles the domain name prefix added to the user name by many Microsoft HTTP clients.
This class was specifically designed for our WebDAV plugin, but the authenticator is also useful when authenticating non-browser clients in a mixed environment.
typedef DigestAuthenticator DigestAuthenticator |
Implements Digest Authentication.
Please see the User Authentication documentation for more information.
typedef FormAuthenticator FormAuthenticator |
Implements Form-Based Authentication.
See the User Authentication documentation for an introduction to authentication and authorization. A form authenticator can be used only by browser clients.
typedef struct LoginRespIntf LoginRespIntf |
The LoginRespIntf is an abstract class, which must be implemented when using one of DigestAuthenticator, BasicAuthenticator, and FormAuthenticator.
The Barracuda authenticators call the service method if the user is not authenticated or failed to login. The service method must respond by sending a message to the client.
typedef void(* LoginRespIntf_Service) (struct LoginRespIntf *intf, struct AuthInfo *info) |
This callback function is called if the user failed to authenticate with one of DigestAuthenticator, BasicAuthenticator, or FormAuthenticator.
The service function must send an appropriate error message to the client.
The callback is also called when a FormAuthenticator instance needs to send the form login page to the client. This callback can detect the difference between sending the login page and the error page by checking info->username. This variable is NULL when the callback must send the login page.
typedef struct LoginTracker LoginTracker |
The LoginTracker class is an optional security enhancement that can be installed in an instance of one of the authenticator classes.
A hacker may write an automated password cracker tool to exploit weak passwords. This is often referred to as a Dictionary attack.
The purpose of the LoginTracker is to make it virtually impossible to perform dictionary attacks on the Barracuda authenticator classes. The LoginTracker keeps track of IP addresses that failed to supply the correct user and/or password. The LoginTracker keeps a cache of LoginTrackerNode instances where each LoginTrackerNode stores information such as IP address and time of login attempt.
You can download and try the FuguHub demo for a practical example of using the LoginTracker. Enter an invalid user/password when logging into the FuguHub Web Server and observe the response message.
typedef struct LoginTrackerIntf LoginTrackerIntf |
The interface between the LoginTracker and the application code.
You must inherit and implement the callback methods required for the LoginTrackerIntf.
typedef void(* LoginTrackerIntf_Login) (struct LoginTrackerIntf *o, AuthInfo *info, struct LoginTrackerNode *node) |
Prototype for the Login tracker method.
The Login method is called when a user is authenticated.
o | the object |
info | The AuthInfo container object. |
node | may be NULL if the object was recycled. This object is automatically terminated as soon as this callback returns; i.e., the terminate callback is called. |
typedef void(* LoginTrackerIntf_LoginFailed) (struct LoginTrackerIntf *o, AuthInfo *info, struct LoginTrackerNode *node) |
Prototype for the LoginFailed callback method.
The LoginFailed method is called when a user attempts to log in and the user and/or password is incorrect.
One can potentially tarpit the failed login attempt if you run the HTTP server in threaded mode, but a short "login window" is probably more than sufficient in most applications. The "login window" length is controlled in the LoginTrackerIntf_Validate callback method.
typedef void(* LoginTrackerIntf_TerminateNode) (struct LoginTrackerIntf *o, struct LoginTrackerNode *node) |
Prototype for the TerminateNode callback method.
The TerminateNode method is called when the LoginTracker reuses a node in the internal node cache. The TerminateNode method can be used for clearing/releasing any data set with method LoginTrackerNode::setUserData.
typedef BaBool(* LoginTrackerIntf_Validate) (struct LoginTrackerIntf *o, AuthInfo *info, struct LoginTrackerNode *node) |
Prototype for the validate callback method.
The validate callback method is called before attempting to authorize a user. The validate callback method can keep track of the login counter in the LoginTrackerNode and either accepts or denies the user. The method should return true if the request is accepted and false if the request is denied. Attribute info.denied is set by the LoginTracker if this method returns false.
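The policy that the Validate, LoginFailed and Login callbacks can implement together, as an added stand-alone model that is not Barracuda code: a per-IP failure counter with a lockout "login window". The `Node` and `Tracker` types, the `MAX_FAILS` and `LOCK_SECS` values and the oldest-node recycling rule are assumptions that only mirror the roles of LoginTrackerNode and LoginTracker.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-alone model (assumption): mirrors the roles of LoginTracker and
   LoginTrackerNode described above; it does not use the Barracuda headers. */
#define CACHE_SIZE 4   /* role of noOfLoginTrackerNodes */
#define MAX_FAILS  3   /* failures tolerated before an IP is locked out */
#define LOCK_SECS  60  /* the "login window": lockout after the last failure */

typedef struct {
    int      used;
    uint32_t ip;       /* IPv4 address of the client */
    uint32_t counter;  /* failed attempts, as in getCounter() */
    int64_t  last;     /* time of the latest failure, as in getTime() */
} Node;

typedef struct { Node nodes[CACHE_SIZE]; } Tracker;

void tracker_init(Tracker *t) { memset(t, 0, sizeof *t); }

/* Role of LoginTracker::find: node for this client IP, or NULL. */
Node *tracker_find(Tracker *t, uint32_t ip) {
    for (int i = 0; i < CACHE_SIZE; i++)
        if (t->nodes[i].used && t->nodes[i].ip == ip) return &t->nodes[i];
    return NULL;
}

/* Node for ip; when the cache is full the oldest node is recycled, which is
   where the real tracker would call the TerminateNode callback. */
static Node *tracker_get(Tracker *t, uint32_t ip, int64_t now) {
    Node *n = tracker_find(t, ip);
    if (n) return n;
    n = &t->nodes[0];
    for (int i = 0; i < CACHE_SIZE; i++) {
        if (!t->nodes[i].used) { n = &t->nodes[i]; break; }
        if (t->nodes[i].last < n->last) n = &t->nodes[i];
    }
    n->used = 1; n->ip = ip; n->counter = 0; n->last = now;
    return n;
}

/* Validate role: 1 lets authentication proceed, 0 denies the request. */
int tracker_validate(Tracker *t, uint32_t ip, int64_t now) {
    Node *n = tracker_find(t, ip);
    if (!n || n->counter < MAX_FAILS) return 1;
    if (now - n->last >= LOCK_SECS) { n->counter = 0; return 1; }
    return 0;
}

/* LoginFailed role: count the failure against the client IP. */
void tracker_login_failed(Tracker *t, uint32_t ip, int64_t now) {
    Node *n = tracker_get(t, ip, now);
    n->counter++;
    n->last = now;
}

/* Login role: a successful login releases the node. */
void tracker_login(Tracker *t, uint32_t ip) {
    Node *n = tracker_find(t, ip);
    if (n) memset(n, 0, sizeof *n);
}

/* One attempt in the order the authenticator drives the callbacks:
   -1 denied by the tracker, 0 bad credentials, 1 authenticated. */
int attempt(Tracker *t, uint32_t ip, int64_t now, int creds_ok) {
    if (!tracker_validate(t, ip, now)) return -1;  /* password never checked */
    if (!creds_ok) { tracker_login_failed(t, ip, now); return 0; }
    tracker_login(t, ip);
    return 1;
}

int main(void) {   /* constructed sequence from 192.0.2.1 */
    Tracker t;
    int64_t when[] = { 100, 101, 102, 103, 170 };
    int ok[] = { 0, 0, 0, 1, 1 };
    tracker_init(&t);
    for (int i = 0; i < 5; i++)
        printf("t=%lld -> %d\n", (long long)when[i], attempt(&t, 0xC0000201u, when[i], ok[i]));
    return 0;
}
```

During the lockout even a correct password is denied, so a guessing client learns nothing from the response. The cache size bounds how many addresses can be tracked at once, because a recycled node loses its counter.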
typedef struct LoginTrackerNode LoginTrackerNode |
A LoginTrackerNode keeps track of how many times a user using a specific IP address has attempted to login to the server.
The LoginTracker stores LoginTrackerNodes internally in a cache.
typedef struct UserIntf UserIntf |
Interface class used by the Authentication classes.
The getPwd function returns the user's password if user found.
typedef void(* UserIntf_GetPwd) (struct UserIntf *intf, struct AuthInfo *info) |
The GetPwd callback function searches for info->username and sets AuthInfo::password if found and/or the AuthInfo::ct parameter.
info->userObj is NULL, but can be set in this callback to signal information to the other callbacks such as LoginRespIntf_Service.
info->user is NULL when this method is called.
The method is allowed to set header values and work with the response object. The authenticator stops authentication and returns FALSE if the response object is committed; i.e., the login fails.
The authenticator checks if the response is committed on return. The authenticator assumes the user is not authenticated if the response is committed.
enum AuthInfoCT |
AuthInfo Credential Type can optionally be used by the UserIntf_GetPwd callback function.
Enumerator | |
---|---|
AuthInfoCT_Password | The default. Password is returned in plaintext. |
AuthInfoCT_HA1 | The password is returned as a HA1 hash, which is: MD5(username ":" realm ":" password) |
AuthInfoCT_Valid | Set when getpwd callback successfully compared AuthInfo::upwd with stored password. |
AuthInfoCT_Invalid | Set when getpwd callback failed comparing AuthInfo::upwd with stored password. |
AuthenticatedUser * AuthenticatorIntf::authenticate (const char *relPath, HttpCommand *cmd)
Authenticate the user.
Authenticator::Authenticator (UserIntf *userDbIntf, const char *realm, LoginRespIntf *sendLogin)
userDbIntf | is a reference to a user database you must provide/implement. |
realm | is the name of the Basic Authenticator realm. |
sendLogin | must be an implementation of LoginRespIntf. |
bool AuthorizerIntf::authorize (struct AuthenticatedUser *user, HttpMethod method, const char *path)
Returns TRUE if user is authorized.
user | AuthenticatedUser::get |
method | The HTTP method type: From HttpRequest::getMethodType |
path | The relative path element of the URL requested by the user. |
AuthorizerIntf::AuthorizerIntf (AuthorizerIntf_Authorize authorize)
The constructor.
authorize | Pointer to authorize method. |
BasicAuthenticator::BasicAuthenticator (UserIntf *userDbIntf, const char *realm, LoginRespIntf *sendLogin)
userDbIntf | is a reference to a user database you must provide/implement. |
realm | is the name displayed in the browser's pop-up window. |
sendLogin | must be an implementation of LoginRespIntf. |
DavAuth::DavAuth (UserIntf *userDbIntf, const char *realm)
Create a DavAuth instance.
userDbIntf | is a reference to a user database you must provide/implement. |
realm | is the realm name provided to the client. |
DigestAuthenticator::DigestAuthenticator (UserIntf *userDbIntf, const char *realm, LoginRespIntf *sendLogin)
userDbIntf | is a reference to a user database you must provide/implement. |
realm | is the name displayed in the browser's pop-up window. |
sendLogin | must be an implementation of LoginRespIntf. |
LoginTrackerNode * LoginTracker::find (HttpRequest *request)
Find LoginTrackerNode in cache by using the IP address from the request object.
FormAuthenticator::FormAuthenticator (UserIntf *userDbIntf, const char *realm, LoginRespIntf *sendLogin)
userDbIntf | is a reference to a user database you must provide/implement. |
realm | is required when using HA1 password hashes. |
sendLogin | must be an implementation of LoginRespIntf. |
static AuthenticatedUser * AuthenticatedUser::get (HttpRequest *request)
Returns a pointer to an instance of class AuthenticatedUser if a session object exists and if the user is authenticated, otherwise NULL is returned.
C name: AuthenticatedUser_get1
static AuthenticatedUser * AuthenticatedUser::get (HttpSession *session)
Returns a pointer to an instance of class AuthenticatedUser if the user is authenticated, otherwise NULL is returned.
C name: AuthenticatedUser_get2
HttpSession * AuthenticatedUser::getSession ()
Get the session object.
AuthenticatedUserType AuthenticatedUser::getType ()
Returns the authenticator type that was used to authenticate this user.
LoginRespIntf::LoginRespIntf (LoginRespIntf_Service service)
The LoginRespIntf constructor.
service | a pointer to the response service callback function. |
LoginTracker::LoginTracker (U32 noOfLoginTrackerNodes, LoginTrackerIntf *intf, AllocatorIntf *allocator=AllocatorIntf::getDefault())
Create a LoginTracker instance.
noOfLoginTrackerNodes | size of internal LoginTrackerNode cache. |
intf | the application interface used by the LoginTracker. |
allocator | the allocator used when allocating the LoginTracker nodes. |
LoginTrackerIntf::LoginTrackerIntf (LoginTrackerIntf_Validate validate, LoginTrackerIntf_Login login, LoginTrackerIntf_LoginFailed loginFailed, LoginTrackerIntf_TerminateNode terminateNode)
Create a LoginTrackerIntf.
validate | validate a user. |
login | A user successfully logged in. |
loginFailed | The login attempt failed. |
terminateNode | The LoginTrackerNode is recycled. |
void AuthenticatedUser::logout (bool all=false)
Logout user and terminate the session object.
You should use this method and not HttpSession::terminate when logging out a user.
Example
Basic and Digest logout:
With Basic and Digest authentication, the browser remembers the user and password. This means that this method will not have any effect with Basic and Digest since the user will be automatically logged in as soon as the browser sends a request to the server.
The only viable solution to logging out using Basic and Digest is to terminate the browser client.
all | Set to true if you want to terminate all of the user's active sessions. A user may be logged in using more than one client. One must typically set all=true when changing password as all clients must be terminated or the clients may get a 403 response. |
static void BasicAuthenticator::setAutHeader (const char *realm, HttpResponse *response)
Sets a HTTP basic authenticate header and sets status to.
static void DigestAuthenticator::setAutHeader (const char *realm, HttpResponse *response)
Sets a HTTP digest authenticate header and sets status to.
void Authenticator::setLoginTracker (LoginTracker *tracker)
Prevent dictionary attacks.
tracker | the IP address tracker. |
void BasicAuthenticator::setLoginTracker (LoginTracker *tracker)
Prevent dictionary attacks.
tracker | the IP address tracker. |
void DavAuth::setLoginTracker (LoginTracker *tracker)
Prevent dictionary attacks.
tracker | the IP address tracker. |
void DigestAuthenticator::setLoginTracker (LoginTracker *tracker)
Prevent dictionary attacks.
tracker | the IP address tracker. |
void FormAuthenticator::setLoginTracker (LoginTracker *tracker)
Prevent dictionary attacks.
An interesting feature of the FormAuthenticator is that the form authenticator makes it difficult to perform dictionary attacks even without using the LoginTracker. The FormAuthenticator will make it extremely difficult to distinguish between valid and invalid login attempts, since the form authenticator sends HTTP 200 OK response messages instead of the numerous 400 type errors.
tracker | the IP address tracker. |
void FormAuthenticator::setSecure ()
Set authenticator into secure mode and accept only SSL connections.
The authenticator ignores non secure connections and directly calls the LoginRespIntf callback if not secure. You must add logic for testing for non secure connections in your callback.
void DigestAuthenticator::setStrictMode (bool enableStrictMode=false)
Enable strict mode.
Few browsers support this.
UserIntf::UserIntf (UserIntf_GetPwd getPwd)
The UserIntf constructor.
getPwd | a pointer to the get password callback function. |