blob: 94646f100cb5328d450e03e81e31d7ea49fb28a4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
Index: base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java
===================================================================
--- base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java (revision 2103)
+++ base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java (revision 2104)
@@ -64,23 +64,31 @@
String givenHost = httpReq.getParameter("hostname");
CMS.debug("TokenAuthentication: givenHost=" + givenHost);
+ boolean checkIP = false;
+ try {
+ checkIP = config.getBoolean("securitydomain.checkIP", false);
+ } catch (Exception e) {
+ }
+
ISecurityDomainSessionTable table = CMS.getSecurityDomainSessionTable();
String uid = "";
String gid = "";
CMS.debug("TokenAuthentication: checking session in the session table");
if (table.isSessionIdExist(sessionId)) {
CMS.debug("TokenAuthentication: found session");
+ if (checkIP) {
String hostname = table.getIP(sessionId);
- if (hostname.equals(givenHost)) {
- CMS.debug("TokenAuthentication: hostname and givenHost matched");
- uid = table.getUID(sessionId);
- gid = table.getGroup(sessionId);
- } else {
- CMS.debug("TokenAuthentication: hostname=" + hostname + " and givenHost=" + givenHost + " is different");
+ if (! hostname.equals(givenHost)) {
+ CMS.debug("TokenAuthentication: hostname=" + hostname + " and givenHost="
+ + givenHost + " are different");
CMS.debug("TokenAuthenticate authenticate failed, wrong hostname.");
outputError(httpResp, "Error: Failed Authentication");
return;
}
+ }
+
+ uid = table.getUID(sessionId);
+ gid = table.getGroup(sessionId);
} else {
CMS.debug("TokenAuthentication: session not found");
CMS.debug("TokenAuthentication authenticate failed, session id does not exist.");
|