+void yf::AuthSimple::check_targets(yp2::Package & package) const
+{
+ Z_InitRequest *initReq = package.request().get()->u.z3950->u.initRequest;
+
+ Z_IdAuthentication *auth = initReq->idAuthentication;
+ // We only get into this method if we are dealing with a session
+ // that has been authenticated using idPass authentication. So we
+ // know what kind of information is in the Init Request, and we
+ // can trust the username without needing to re-authenticate.
+ assert(auth->which == Z_IdAuthentication_idPass);
+ std::string user = auth->u.idPass->userId;
+ std::list<std::string> authorisedTargets = m_p->targetsByUser[user];
+
+ std::list<std::string> targets;
+ Z_OtherInformation *otherInfo = initReq->otherInfo;
+ yp2::util::get_vhost_otherinfo(&otherInfo, 0, targets);
+
+ // Check each of the targets specified in the otherInfo package
+ std::list<std::string>::const_iterator i;
+ for (i = targets.begin(); i != targets.end(); i++) {
+ printf("checking target '%s'\n", (*i).c_str());
+ if (!contains(authorisedTargets, *i)) {
+ // ### check whether to quietly discard this target, or to reject
+ return reject_init(package,
+ YAZ_BIB1_ACCESS_TO_SPECIFIED_DATABASE_DENIED,
+ i->c_str());
+ }
+ }
+
+/*
+ // ### This is a no-op if the list has not changed
+ yp2::odr odr;
+ yp2::util::set_vhost_otherinfo(&otherInfo, odr, targets);
+*/
+ package.move();
+}
+
+