Ignore:
Timestamp:
2013-05-08T20:27:02+12:00 (11 years ago)
Author:
ak19
Message:

Authentication at perl level for when setting user-added comments. 1. metadata-server.plnow encrypts the key, so that it can be checked against what's in the key db. 2. gdslCGI.pm now has an encrypt_key subroutine. 3. baseaction.pm's authentication_enabled is turned on and the authenticate_user() subroutine now follows recpt's userdb.cpp::check_key by first checking for a given key when no password is given, and if the key validates and isn't stale, then its timestamp in the key db is updated. The code for checking the group that the user belongs to (which had been commented out since user comments can be set by anyone with a GS account, they don't need to belong to a collection editing group) has been moved to a new function called check_group, with the line calling it commented out. 4. style.dm passes in un and ky cgi args to the gsapi object's constructor. 5. gsajaxapi.js's constructor takes the un and ky parameters and then uses these in the Get and Post methods when making calls to metadata-server.pl.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • main/trunk/greenstone2/common-src/cgi-bin/gsdlCGI.pm

    r27158 r27318  
    802802    }else{
    803803    $java_classpath = $java_gsdl3_classpath . ";" . $java_remaining_classpath;
    804     }
     804    } # can't use util::envvar_prepend(), since the $java_classpath here is not a $ENV type env variable
    805805   
    806806    my $java_command="\"$java\" -classpath \"$java_classpath\" org.greenstone.gsdl3.service.Authentication \"$password\""; # 2>&1";
     
    808808
    809809    return $hashedpwd;
     810}
     811
     812sub encrypt_key
     813{
     814    my $self = shift @_;
     815
     816    # I think the encryption method used on the key may be the same for GS3 and GS2
     817    # (The encryption method used on the pw definitely differs between the two GS versions)
     818    if (defined $self->param("ky")) {
     819    require "$self->{'gsdlhome'}/perllib/cpan/Crypt/UnixCrypt.pm";  # This is OK on Windows
     820    $self->param('-name' => "ky", '-value' => &Crypt::UnixCrypt::crypt($self->clean_param("ky"), "Tp"));
     821    }
    810822}
    811823
Note: See TracChangeset for help on using the changeset viewer.