ProFTPD Developer's Guide: Obtaining Session Credentials

ProFTPD Version 1.2

Session Credentials
The credentials of a session, or its identity, are available via members of the global session variable. The credentials include user information, group membership information, and Class information (if used).

The session user members
These members are all set after the PASS command has been processed:

uid_t session.uid
This is the user's ID as supplied by the authentication layer.

char *session.user
During authentication, this member is set to the authenticated user's user name. Note that this user name may be different from the user name originally sent by the client if UserAliases are being used. If authentication fails for any reason, this is set to NULL.

char *session.ident_user
This member contains the name of the remote user as established using the ident protocol (RFC1413), once connection to the server has been made by the client, before any FTP commands are processed. If IdentLookups is set to off, this will be "UKNOWN".

char *session.anon_user
This member only has a value if the login is an anonymous one; otherwise, its value will be NULL. For anonymous logins, this member will contain the "password" (usually an email address) sent by the client. However, if AnonRequirePassword is set to on, it will contain the original username sent by client.

In addition to these session members, there is an additional place in which user identity information (specifically, the user name originally sent by the client in the USER command) is stored: in a config_rec, and is retrievable like this:

  char *user = (char *) get_param_ptr(main_server->conf, C_USER, FALSE);

This config_rec is set in cmd_pass(), and is never removed.

The session group members
These members are all set after the PASS command has been processed:

gid_t session.gid
This is the user's primary GID, as supplied by the authentication layer.

char *session.group
This is the user's primary group name, as supplied by the authentication layer.

array_header *session.gids
array_header *session.groups
session.gids contains gid_ts; session.groups contains strings, group names to match the IDs in session.gids. These arrays provide the supplemental group membership, and are filled in by the authentication layer.

The session Class member

class_t *session.class
If Classes are being used (i.e. Class is set to on), this member will contain a pointer to the Class struct for the current session. It is set once the client has connected to the server, before any modules' child initialization handlers have been run and before any FTP commands are processed.

Table of Contents

Author: $Author: castaglia $
Last Updated: $Date: 2003/01/02 17:39:30 $