List: jboss-cvs-commits
Subject: [jboss-cvs] contrib/iiop/src/main/org/jboss/iiop/csiv2 SASClientIdentityInterceptor2.java SASClientI
From: Francisco Reverbel <reverbel () users ! sourceforge ! net>
Date: 2004-06-29 4:30:27
Message-ID: E1BfAGJ-0004n1-2y () sc8-pr-cvs1 ! sourceforge ! net
User: reverbel
Date: 04/06/28 21:30:27
Added: iiop/src/main/org/jboss/iiop/csiv2
SASClientIdentityInterceptor2.java
SASClientInitializer2.java
SASClientInterceptor2.java SASCurrentImpl2.java
SASInitializer2.java
Log:
Alternative versions of the client-side request interceptor
(SASClientInterceptor2.java and SASClientInitializer2.java),
of the server-side client request interceptor
(SASClientIdentityInterceptor2.java and SASInitializer2.java),
and of the SAS current implementation (SASCurrentImpl2.java).
Usage:
- put the portable interceptor initializer
org.jboss.iiop.csiv2.SASInitializer2 in the server config
- put the portable interceptor initializer
org.jboss.iiop.csiv2.SASClientInitializer2 in the client config.
Revision Changes Path
1.1 contrib/iiop/src/main/org/jboss/iiop/csiv2/SASClientIdentityInterceptor2.java
Index: SASClientIdentityInterceptor2.java
===================================================================
package org.jboss.iiop.csiv2;
/*
* JacORB - a free Java ORB
*
* Copyright (C) 2004 Gerald Brose.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Library General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library General Public License for more details.
*
* You should have received a copy of the GNU Library General Public
* License along with this library; if not, write to the Free
* Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
import java.security.Principal;
import org.omg.CORBA.Any;
import org.omg.CORBA.BAD_PARAM;
import org.omg.CORBA.CompletionStatus;
import org.omg.CORBA.LocalObject;
import org.omg.CORBA.MARSHAL;
import org.omg.CORBA.NO_PERMISSION;
import org.omg.CORBA.ORB;
import org.omg.CORBA.TCKind;
import org.omg.CSI.AuthorizationElement;
import org.omg.CSI.EstablishContext;
import org.omg.CSI.GSS_NT_ExportedNameHelper;
import org.omg.CSI.ITTAnonymous;
import org.omg.CSI.IdentityToken;
import org.omg.CSI.MTContextError;
import org.omg.CSI.SASContextBody;
import org.omg.CSI.SASContextBodyHelper;
import org.omg.IOP.Codec;
import org.omg.IOP.CodecPackage.FormatMismatch;
import org.omg.IOP.CodecPackage.InvalidTypeForEncoding;
import org.omg.IOP.CodecPackage.TypeMismatch;
import org.omg.IOP.ServiceContext;
import org.omg.IOP.TaggedComponent;
import org.omg.PortableInterceptor.ClientRequestInfo;
import org.omg.PortableInterceptor.ClientRequestInterceptor;
import org.omg.CSIIOP.CompoundSecMech;
import org.omg.CSIIOP.CompoundSecMechList;
import org.omg.CSIIOP.CompoundSecMechListHelper;
import org.omg.CSIIOP.EstablishTrustInClient;
import org.omg.CSIIOP.IdentityAssertion;
import org.omg.CSIIOP.TAG_CSI_SEC_MECH_LIST;
import org.omg.GSSUP.InitialContextToken;
import org.jacorb.orb.MinorCodes;
import org.jacorb.security.csiv2.Util;
import org.jboss.security.SecurityAssociation;
import org.jboss.security.RunAsIdentity;
import org.jboss.logging.Logger;
/**
* This implementation of
* <code>org.omg.PortableInterceptor.ClientRequestInterceptor</code> inserts
* the security attribute service (SAS) context into outgoing IIOP requests
* and handles the SAS messages received from the target security service
* in the SAS context of incoming IIOP replies.
*
* @author <a href="mailto:reverbel@ime.usp.br">Francisco Reverbel</a>
* @version $Revision: 1.1 $
*/
public class SASClientIdentityInterceptor2
extends LocalObject
implements ClientRequestInterceptor
{
private static Logger log = Logger.getLogger(SASClientIdentityInterceptor2.class);
// Constants ------------------------------------------------------
private static final int sasContextId =
org.omg.IOP.SecurityAttributeService.value;
/*
* Pre-built empty tokens
*/
private static final IdentityToken absentIdentityToken;
static {
absentIdentityToken = new IdentityToken();
absentIdentityToken.absent(true);
}
private static final AuthorizationElement[] noAuthorizationToken = {};
private static final byte[] noAuthenticationToken = {};
// Fields ---------------------------------------------------------
private Codec codec;
/*
* Username and password of this server, in case it does not use an
* SSL certificate to authenticate itself when acting as a client.
*/
private static final String serverUsername = "j2ee"; // hardcoded (REVISIT!)
private static final String serverPassword = "j2ee"; // hardcoded (REVISIT!)
// Constructor ----------------------------------------------------
public SASClientIdentityInterceptor2(Codec codec)
{
this.codec = codec;
}
// Methods -------------------------------------------------------
// org.omg.PortableInterceptor.Interceptor operations ------------
public String name()
{
return "SASClientIdentityInterceptor2";
}
public void destroy()
{
// do nothing
}
// ClientRequestInterceptor operations ---------------------------
public void send_request(ClientRequestInfo ri)
{
try
{
CompoundSecMech secMech =
CSIv2Util.getMatchingSecurityMech(
ri,
codec,
(short)(EstablishTrustInClient.value
+ IdentityAssertion.value), /* client supports */
(short)0 /* client requires */);
if (secMech == null)
return;
// these "null tokens" will be changed if needed
IdentityToken identityToken = absentIdentityToken;
byte[] encodedAuthenticationToken = noAuthenticationToken;
if ((secMech.sas_context_mech.target_supports
& IdentityAssertion.value) != 0)
{
// will create identity token
Principal p = null;
RunAsIdentity runAs = SecurityAssociation.peekRunAsIdentity();
if( runAs != null )
{
// will use run-as identity
p = runAs;
}
else
{
// will use caller identity
p = SecurityAssociation.getPrincipal();
}
if( p != null )
{
// The name scope needs to be externalized
String name = p.getName();
if (name.indexOf('@') < 0)
name += "@default"; // hardcoded (REVISIT!)
byte[] principalName = name.getBytes("UTF-8");
// encode the principal name as mandated by RFC2743
byte[] encodedName = Util.encodeGssExportedName(principalName);
// encapsulate the encoded name
Any any = ORB.init().create_any();
byte[] encapsulatedEncodedName = null;
GSS_NT_ExportedNameHelper.insert(any, encodedName);
try
{
encapsulatedEncodedName = codec.encode_value(any);
}
catch(InvalidTypeForEncoding e)
{
throw new RuntimeException("Unexpected exception: " + e);
}
// create identity token
identityToken = new IdentityToken();
identityToken.principal_name(encapsulatedEncodedName);
}
else if ((secMech.sas_context_mech.supported_identity_types
& ITTAnonymous.value) != 0)
{
// no run-as or caller identity and the target
// supports ITTAnonymous: use the anonymous identity
identityToken = new IdentityToken();
identityToken.anonymous(true);
}
}
if ((secMech.as_context_mech.target_requires
& EstablishTrustInClient.value) != 0)
{
// will create authentication token with the
// configured pair serverUsername/serverPassword
byte[] encodedTargetName = secMech.as_context_mech.target_name;
String name = serverUsername;
if (name.indexOf('@') < 0)
{
byte[] decodedTargetName =
Util.decodeGssExportedName(encodedTargetName);
String targetName = new String(decodedTargetName, "UTF-8");
name += "@" + targetName; // "@default"
}
byte[] username = name.getBytes("UTF-8");
// I don't know why there is not a better way
// to go from char[] -> byte[]
byte[] password = serverPassword.getBytes("UTF-8");
// create authentication token
InitialContextToken authenticationToken =
new InitialContextToken(username,
password,
encodedTargetName);
// ASN.1-encode it, as defined in RFC 2743
encodedAuthenticationToken =
Util.encodeInitialContextToken(authenticationToken, codec);
}
if (identityToken != absentIdentityToken
|| encodedAuthenticationToken != noAuthenticationToken)
{
// at least one non-null token was created,
// create EstablishContext message with it
EstablishContext message =
new EstablishContext(0, // stateless ctx id
noAuthorizationToken,
identityToken,
encodedAuthenticationToken);
// create SAS context with the EstablishContext message
SASContextBody contextBody = new SASContextBody();
contextBody.establish_msg(message);
// stuff the SAS context into the outgoing request
Any any = ORB.init().create_any();
SASContextBodyHelper.insert(any, contextBody);
ServiceContext sc =
new ServiceContext(sasContextId, codec.encode_value(any));
ri.add_request_service_context(sc,
true /*replace existing context*/);
}
}
catch(java.io.UnsupportedEncodingException e)
{
throw new MARSHAL("Unexpected exception: " + e);
}
catch(InvalidTypeForEncoding e)
{
throw new MARSHAL("Unexpected exception: " + e);
}
}
public void send_poll(ClientRequestInfo ri)
{
// do nothing
}
public void receive_reply(ClientRequestInfo ri)
{
try
{
ServiceContext sc = ri.get_reply_service_context(sasContextId);
Any msg = codec.decode_value(sc.context_data,
SASContextBodyHelper.type());
SASContextBody contextBody = SASContextBodyHelper.extract(msg);
// At this point contextBody should contain a
// CompleteEstablishContext message, which does not require any
// treatment. ContextError messages should arrive via
// receive_exception().
// System.err.println(">>> SAS reply, type " +
// contextBody.discriminator());
if( contextBody.discriminator() == MTContextError.value )
{
// should not happen
throw new NO_PERMISSION("Unexpected ContextError in SAS reply",
MinorCodes.SAS_CSS_FAILURE,
CompletionStatus.COMPLETED_YES);
}
}
catch(BAD_PARAM e)
{
// no service context with sasContextId: do nothing
}
catch(FormatMismatch e)
{
throw new MARSHAL("Could not parse SAS reply: " + e,
0,
CompletionStatus.COMPLETED_YES);
}
catch(TypeMismatch e)
{
throw new MARSHAL("Could not parse SAS reply: " + e,
0,
CompletionStatus.COMPLETED_YES);
}
}
public void receive_exception(ClientRequestInfo ri)
{
try
{
ServiceContext sc = ri.get_reply_service_context(sasContextId);
Any msg = codec.decode_value(sc.context_data,
SASContextBodyHelper.type());
SASContextBody contextBody = SASContextBodyHelper.extract(msg);
// At this point contextBody may contain a either a
// CompleteEstablishContext message or a ContextError message.
// Neither message requires any treatment. We decoded the context
// body just to check that it contains a well-formed message.
// System.err.println(">>> SAS reply, type " +
// contextBody.discriminator());
}
catch(BAD_PARAM e)
{
// no service context with sasContextId: do nothing
}
catch(FormatMismatch e)
{
throw new MARSHAL("Could not parse SAS reply: " + e,
MinorCodes.SAS_CSS_FAILURE,
CompletionStatus.COMPLETED_MAYBE);
}
catch(TypeMismatch e)
{
throw new MARSHAL("Could not parse SAS reply: " + e,
MinorCodes.SAS_CSS_FAILURE,
CompletionStatus.COMPLETED_MAYBE);
}
}
public void receive_other(ClientRequestInfo ri)
{
// do nothing
}
CompoundSecMech getSecurityMech(ClientRequestInfo ri)
{
CompoundSecMechList csmList = null;
CompoundSecMech securityMech = null;
try
{
TaggedComponent tc = ri.get_effective_component(TAG_CSI_SEC_MECH_LIST.value);
Any any = codec.decode_value(tc.component_data,
CompoundSecMechListHelper.type());
csmList = CompoundSecMechListHelper.extract(any);
// at this point you can inspect the fields csmList.stateful
// and csmList.mechanism_list. The latter is an array of
// org.omg.CSIIOP.CompoundSecMech instances, which in our IORs
// has length 1.
//
// The actual info you want is in csmList.mechanism_list[0].
securityMech = csmList.mechanism_list[0];
}
catch (BAD_PARAM e)
{
// no component with TAG_CSI_SEC_MECH_LIST was found
}
catch (org.omg.IOP.CodecPackage.TypeMismatch tm)
{
// unexpected exception in codec.decode_value
}
catch (org.omg.IOP.CodecPackage.FormatMismatch tm)
{
// unexpected exception in codec.decode_value
}
return securityMech;
}
}
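Review bot: `serverUsername` and `serverPassword` are compiled in as the literal pair "j2ee"/"j2ee", and send_request places them in the GSSUP `InitialContextToken` whenever the target's `as_context_mech.target_requires` includes EstablishTrustInClient. Every server built from this class then presents the same publicly known credential, and the password travels as plain UTF-8 bytes inside the service context, so its confidentiality rests entirely on the transport; nothing in this method checks the transport mechanism, though `CSIv2Util.getMatchingSecurityMech` (not shown on this page) may do so. The pair should come from deployment configuration handed to the constructor, and the interceptor should send no authentication token when none is configured. Separately, getSecurityMech reads `csmList.mechanism_list[0]` with no length check and swallows both codec exceptions, so a malformed component returns null exactly as an absent one does.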
1.1 contrib/iiop/src/main/org/jboss/iiop/csiv2/SASClientInitializer2.java
Index: SASClientInitializer2.java
===================================================================
package org.jboss.iiop.csiv2;
/*
* JacORB - a free Java ORB
*
* Copyright (C) 2004 Gerald Brose.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Library General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library General Public License for more details.
*
* You should have received a copy of the GNU Library General Public
* License along with this library; if not, write to the Free
* Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
import org.omg.CORBA.LocalObject;
import org.omg.IOP.Codec;
import org.omg.IOP.ENCODING_CDR_ENCAPS;
import org.omg.IOP.Encoding;
import org.omg.PortableInterceptor.ORBInitInfo;
import org.omg.PortableInterceptor.ORBInitInfoPackage.InvalidName;
import org.omg.PortableInterceptor.ORBInitializer;
/**
* This is an <code>org.omg.PortableInterceptor.ORBInitializer</code> that
* initializes the Security Attibute Service (SAS).
*
* @author <a href="mailto:reverbel@ime.usp.br">Francisco Reverbel</a>
* @version $Revision: 1.1 $
*/
public class SASClientInitializer2
extends LocalObject
implements ORBInitializer
{
public SASClientInitializer2()
{
// do nothing
}
// org.omg.PortableInterceptor.ORBInitializer operations ---------
public void pre_init(ORBInitInfo info)
{
}
public void post_init(ORBInitInfo info)
{
try
{
org.omg.CORBA.Object obj;
// Use CDR encapsulations with GIOP 1.0 encoding
Encoding encoding = new Encoding(ENCODING_CDR_ENCAPS.value,
(byte) 1, /* GIOP version */
(byte) 0 /* GIOP revision*/);
Codec codec = info.codec_factory().create_codec(encoding);
// Create and register client interceptor
SASClientInterceptor2 clientInterceptor =
new SASClientInterceptor2(codec);
info.add_client_request_interceptor(clientInterceptor);
}
catch(Exception e)
{
throw new RuntimeException("Unexpected " + e);
}
}
}
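Review bot: The catch-all in post_init rethrows as `new RuntimeException("Unexpected " + e)`, which drops the original stack trace, so a failure to install the SAS client interceptor is hard to diagnose; the same pattern appears in SASInitializer2.post_init and in the inner catch of SASClientIdentityInterceptor2.send_request. If the build targets JDK 1.4 or later, chain the cause: `throw new RuntimeException("Unexpected " + e, e);`. The local `org.omg.CORBA.Object obj;` is declared but never used and can be removed, and the class Javadoc spells "Attibute" for "Attribute".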
1.1 contrib/iiop/src/main/org/jboss/iiop/csiv2/SASClientInterceptor2.java
Index: SASClientInterceptor2.java
===================================================================
package org.jboss.iiop.csiv2;
/*
* JacORB - a free Java ORB
*
* Copyright (C) 2004 Gerald Brose.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Library General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library General Public License for more details.
*
* You should have received a copy of the GNU Library General Public
* License along with this library; if not, write to the Free
* Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
import java.security.Principal;
import org.omg.CORBA.Any;
import org.omg.CORBA.BAD_PARAM;
import org.omg.CORBA.MARSHAL;
import org.omg.CORBA.NO_PERMISSION;
import org.omg.CORBA.ORB;
import org.omg.CORBA.CompletionStatus;
import org.omg.CORBA.LocalObject;
import org.omg.CORBA.TCKind;
import org.omg.CSI.AuthorizationElement;
import org.omg.CSI.EstablishContext;
import org.omg.CSI.IdentityToken;
import org.omg.CSI.MTContextError;
import org.omg.CSI.SASContextBody;
import org.omg.CSI.SASContextBodyHelper;
import org.omg.CSIIOP.CompoundSecMech;
import org.omg.CSIIOP.TAG_CSI_SEC_MECH_LIST;
import org.omg.CSIIOP.CompoundSecMechListHelper;
import org.omg.CSIIOP.CompoundSecMechList;
import org.omg.CSIIOP.AS_ContextSec;
import org.omg.CSIIOP.SAS_ContextSec;
import org.omg.CSIIOP.EstablishTrustInClient;
import org.omg.GSSUP.InitialContextToken;
import org.omg.IOP.Codec;
import org.omg.IOP.CodecPackage.FormatMismatch;
import org.omg.IOP.CodecPackage.TypeMismatch;
import org.omg.IOP.ServiceContext;
import org.omg.IOP.TaggedComponent;
import org.omg.PortableInterceptor.ClientRequestInfo;
import org.omg.PortableInterceptor.ClientRequestInterceptor;
import org.jacorb.orb.MinorCodes;
import org.jacorb.security.csiv2.Util;
import org.jboss.security.SecurityAssociation;
/**
* This implementation of
* <code>org.omg.PortableInterceptor.ClientRequestInterceptor</code> inserts
* the security attribute service (SAS) context into outgoing IIOP requests
* and handles the SAS messages received from the target security service
* in the SAS context of incoming IIOP replies.
*
* @author <a href="mailto:reverbel@ime.usp.br">Francisco Reverbel</a>
* @version $Revision: 1.1 $
*/
public class SASClientInterceptor2
extends LocalObject
implements ClientRequestInterceptor
{
// Constants ------------------------------------------------------
private static final int sasContextId =
org.omg.IOP.SecurityAttributeService.value;
private static final IdentityToken absentIdentityToken;
static {
absentIdentityToken = new IdentityToken();
absentIdentityToken.absent(true);
}
private static final AuthorizationElement[] noAuthorizationToken = {};
// Fields ---------------------------------------------------------
private Codec codec;
// Constructor ---------------------------------------------------
public SASClientInterceptor2(Codec codec)
{
this.codec = codec;
}
// Methods -------------------------------------------------------
// org.omg.PortableInterceptor.Interceptor operations ------------
public String name()
{
return "SASClientInterceptor2";
}
public void destroy()
{
// do nothing
}
// ClientRequestInterceptor operations ---------------------------
public void send_request(ClientRequestInfo ri)
{
try
{
CompoundSecMech secMech =
CSIv2Util.getMatchingSecurityMech(
ri,
codec,
EstablishTrustInClient.value, /* client supports */
(short)0 /* client requires */);
if (secMech == null)
return;
if ((secMech.as_context_mech.target_supports
& EstablishTrustInClient.value) != 0)
{
Principal p = SecurityAssociation.getPrincipal();
if (p != null)
{
byte[] encodedTargetName = secMech.as_context_mech.target_name;
// The name scope needs to be externalized
String name = p.getName();
if (name.indexOf('@') < 0)
{
byte[] decodedTargetName =
Util.decodeGssExportedName(encodedTargetName);
String targetName = new String(decodedTargetName, "UTF-8");
name += "@" + targetName; // "@default"
}
byte[] username = name.getBytes("UTF-8");
// I don't know why there is not a better way
// to go from char[] -> byte[]
Object credential = SecurityAssociation.getCredential();
byte[] password = {};
if (credential instanceof char[])
{
String tmp = new String((char[]) credential);
password = tmp.getBytes("UTF-8");
}
else if (credential instanceof byte[])
password = (byte[])credential;
else if (credential != null)
{
String tmp = credential.toString();
password = tmp.getBytes("UTF-8");
}
// create authentication token
InitialContextToken authenticationToken =
new InitialContextToken(username,
password,
encodedTargetName);
// ASN.1-encode it, as defined in RFC 2743
byte[] encodedAuthenticationToken =
Util.encodeInitialContextToken(authenticationToken, codec);
// create EstablishContext message with the encoded token
EstablishContext message =
new EstablishContext(0, // stateless ctx id
noAuthorizationToken,
absentIdentityToken,
encodedAuthenticationToken);
// create SAS context with the EstablishContext message
SASContextBody contextBody = new SASContextBody();
contextBody.establish_msg(message);
// stuff the SAS context into the outgoing request
Any any = ORB.init().create_any();
SASContextBodyHelper.insert(any, contextBody);
ServiceContext sc =
new ServiceContext(sasContextId, codec.encode_value(any));
ri.add_request_service_context(sc,
true /*replace existing context*/);
}
}
}
catch(java.io.UnsupportedEncodingException e)
{
throw new MARSHAL("Unexpected exception: " + e);
}
catch(org.omg.IOP.CodecPackage.InvalidTypeForEncoding e)
{
throw new MARSHAL("Unexpected exception: " + e);
}
}
public void send_poll(ClientRequestInfo ri)
{
// do nothing
}
public void receive_reply(ClientRequestInfo ri)
{
try
{
ServiceContext sc = ri.get_reply_service_context(sasContextId);
Any msg = codec.decode_value(sc.context_data,
SASContextBodyHelper.type());
SASContextBody contextBody = SASContextBodyHelper.extract(msg);
// At this point contextBody should contain a
// CompleteEstablishContext message, which does not require any
// treatment. ContextError messages should arrive via
// receive_exception().
// System.err.println(">>> SAS reply, type " +
// contextBody.discriminator());
if( contextBody.discriminator() == MTContextError.value )
{
// should not happen
throw new NO_PERMISSION("Unexpected ContextError in SAS reply",
MinorCodes.SAS_CSS_FAILURE,
CompletionStatus.COMPLETED_YES);
}
}
catch(BAD_PARAM e)
{
// no service context with sasContextId: do nothing
}
catch(FormatMismatch e)
{
throw new MARSHAL("Could not parse SAS reply: " + e,
0,
CompletionStatus.COMPLETED_YES);
}
catch(TypeMismatch e)
{
throw new MARSHAL("Could not parse SAS reply: " + e,
0,
CompletionStatus.COMPLETED_YES);
}
}
public void receive_exception(ClientRequestInfo ri)
{
try
{
ServiceContext sc = ri.get_reply_service_context(sasContextId);
Any msg = codec.decode_value(sc.context_data,
SASContextBodyHelper.type());
SASContextBody contextBody = SASContextBodyHelper.extract(msg);
// At this point contextBody may contain a either a
// CompleteEstablishContext message or a ContextError message.
// Neither message requires any treatment. We decoded the context
// body just to check that it contains a well-formed message.
// System.err.println(">>> SAS reply, type " +
// contextBody.discriminator());
}
catch(BAD_PARAM e)
{
// no service context with sasContextId: do nothing
}
catch(FormatMismatch e)
{
throw new MARSHAL("Could not parse SAS reply: " + e,
MinorCodes.SAS_CSS_FAILURE,
CompletionStatus.COMPLETED_MAYBE);
}
catch(TypeMismatch e)
{
throw new MARSHAL("Could not parse SAS reply: " + e,
MinorCodes.SAS_CSS_FAILURE,
CompletionStatus.COMPLETED_MAYBE);
}
}
public void receive_other(ClientRequestInfo ri)
{
// do nothing
}
}
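Review bot: In send_request the final `else if (credential != null)` branch sends `credential.toString()` as the GSSUP password, so any credential that is not a `char[]` or `byte[]` (a certificate or a custom credential object, say) has its string form transmitted as a password. Restrict the fallback to real strings, `else if (credential instanceof String) password = ((String) credential).getBytes("UTF-8");`, and skip building the authentication token for other types. The `char[]` branch also copies the secret into an immutable `String`; encoding through a temporary array that is cleared after `Util.encodeInitialContextToken` returns would avoid leaving that copy on the heap. The token carries the password unencrypted and nothing visible here checks the transport mechanism before adding it; `CSIv2Util.getMatchingSecurityMech` is outside this page, so confirm that it does.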
1.1 contrib/iiop/src/main/org/jboss/iiop/csiv2/SASCurrentImpl2.java
Index: SASCurrentImpl2.java
===================================================================
package org.jboss.iiop.csiv2;
/*
* JacORB - a free Java ORB
*
* Copyright (C) 2004 Gerald Brose.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Library General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library General Public License for more details.
*
* You should have received a copy of the GNU Library General Public
* License along with this library; if not, write to the Free
* Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
import java.io.UnsupportedEncodingException;
import java.util.Arrays;
import javax.management.ObjectName;
import org.omg.CORBA.Any;
import org.omg.CORBA.LocalObject;
import org.omg.CORBA.ORB;
import org.omg.CORBA.NO_IMPLEMENT;
import org.omg.CSI.IdentityToken;
import org.jacorb.csiv2.SASCurrent;
/**
* This class implements <code>org.jacorb.csiv2.SASCurrent</code>.
*
* @author <a href="mailto:reverbel@ime.usp.br">Francisco Reverbel</a>
* @version $Revision: 1.1 $
*/
public class SASCurrentImpl2
extends LocalObject
implements SASCurrent
{
// Fields --------------------------------------------------------
private static ThreadLocal ejbPolicy = new ThreadLocal();
private SASTargetInterceptor serverInterceptor;
private byte[] defaultOutgoingTargetName;
// Initializer ---------------------------------------------------
public void init(SASTargetInterceptor serverInterceptor)
{
this.serverInterceptor = serverInterceptor;
}
public void setCurrentPolicy(ObjectName containerName)
{
ejbPolicy.set(containerName);
}
public void clearCurrentPolicy()
{
ejbPolicy.set(null);
}
public Object getCurrentPolicy()
{
return ejbPolicy.get();
}
// org.jacorb.csiv2.SASCurrent operations ------------------------
/**
* This method is intended to be called at configuration time.
*/
public void set_default_outgoing_target_name(byte[] targetName)
{
throw new NO_IMPLEMENT("This method has been deprecated.");
}
public void set_outgoing_username_password(byte[] username,
byte[] password)
{
throw new NO_IMPLEMENT("This method has been deprecated.");
}
public void set_outgoing_username(byte[] username)
{
throw new NO_IMPLEMENT("This method has been deprecated.");
}
public void set_outgoing_password(byte[] password)
{
throw new NO_IMPLEMENT("This method has been deprecated.");
}
public void set_outgoing_target_name(byte[] targetName)
{
throw new NO_IMPLEMENT("This method has been deprecated.");
}
public void clear_outgoing_username_password()
{
throw new NO_IMPLEMENT("This method has been deprecated.");
}
public void set_outgoing_identity(IdentityToken token)
{
throw new NO_IMPLEMENT("This method has been deprecated.");
}
public void set_outgoing_principal_name(byte[] principalName)
{
throw new NO_IMPLEMENT("This method has been deprecated.");
}
public void clear_outgoing_identity()
{
throw new NO_IMPLEMENT("This method has been deprecated.");
}
public boolean context_received()
{
return serverInterceptor.sasContextReceived();
}
public boolean client_authentication_info_received()
{
return serverInterceptor.authenticationTokenReceived();
}
public byte[] get_incoming_username()
{
return serverInterceptor.getIncomingUsername();
}
public byte[] get_incoming_password()
{
return serverInterceptor.getIncomingPassword();
}
public byte[] get_incoming_target_name()
{
return serverInterceptor.getIncomingTargetName();
}
public IdentityToken get_incoming_identity()
{
return serverInterceptor.getIncomingIdentity();
}
public int get_incoming_identity_token_type()
{
return serverInterceptor.getIncomingIdentity().discriminator();
}
public byte[] get_incoming_principal_name()
{
return serverInterceptor.getIncomingPrincipalName();
}
public void reject_incoming_context()
{
serverInterceptor.rejectIncomingContext();
}
}
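Review bot: `serverInterceptor` stays null until init() is called, and on this page SASInitializer2 registers the object in pre_init but calls init() only in post_init, so context_received(), reject_incoming_context() and every `get_incoming_*` accessor throw a bare NullPointerException if invoked in between. A guard such as `if (serverInterceptor == null) throw new org.omg.CORBA.BAD_INV_ORDER("SASCurrent not initialized");` at the top of those methods would make the failure explicit. get_incoming_identity_token_type() additionally dereferences the result of getIncomingIdentity(), which looks like it could be null when no SAS context arrived; SASTargetInterceptor is not shown, so confirm. The Javadoc on set_default_outgoing_target_name still says the method is meant to be called at configuration time although it now always throws NO_IMPLEMENT.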
1.1 contrib/iiop/src/main/org/jboss/iiop/csiv2/SASInitializer2.java
Index: SASInitializer2.java
===================================================================
package org.jboss.iiop.csiv2;
/*
* JacORB - a free Java ORB
*
* Copyright (C) 2004 Gerald Brose.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Library General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library General Public License for more details.
*
* You should have received a copy of the GNU Library General Public
* License along with this library; if not, write to the Free
* Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
import org.omg.CORBA.LocalObject;
import org.omg.IOP.Codec;
import org.omg.IOP.ENCODING_CDR_ENCAPS;
import org.omg.IOP.Encoding;
import org.omg.PortableInterceptor.ORBInitInfo;
import org.omg.PortableInterceptor.ORBInitInfoPackage.InvalidName;
import org.omg.PortableInterceptor.ORBInitializer;
import org.jacorb.csiv2.SASCurrent;
/**
* This is an <code>org.omg.PortableInterceptor.ORBInitializer</code> that
* initializes the Security Attibute Service (SAS).
*
* @author <a href="mailto:reverbel@ime.usp.br">Francisco Reverbel</a>
* @version $Revision: 1.1 $
*/
public class SASInitializer2
extends LocalObject
implements ORBInitializer
{
public SASInitializer2()
{
// do nothing
}
// org.omg.PortableInterceptor.ORBInitializer operations ---------
public void pre_init(ORBInitInfo info)
{
try
{
// Create and register the SASCurrent
SASCurrent sasCurrent = new SASCurrentImpl2();
info.register_initial_reference("SASCurrent", sasCurrent);
}
catch(InvalidName e)
{
throw new RuntimeException("Could not register initial " +
"reference for SASCurrent: " + e);
}
}
public void post_init(ORBInitInfo info)
{
try
{
// Use CDR encapsulations with GIOP 1.0 encoding
Encoding encoding = new Encoding(ENCODING_CDR_ENCAPS.value,
(byte) 1, /* GIOP version */
(byte) 0 /* GIOP revision*/);
Codec codec = info.codec_factory().create_codec(encoding);
// Create and register client interceptor
SASClientIdentityInterceptor2 clientInterceptor =
new SASClientIdentityInterceptor2(codec);
info.add_client_request_interceptor(clientInterceptor);
// Create and register server interceptor
SASTargetInterceptor serverInterceptor =
new SASTargetInterceptor(codec);
info.add_server_request_interceptor(serverInterceptor);
// Initialize the SASCurrent implementation
org.omg.CORBA.Object obj =
info.resolve_initial_references("SASCurrent");
SASCurrentImpl2 sasCurrentImpl = (SASCurrentImpl2) obj;
sasCurrentImpl.init(serverInterceptor);
}
catch(Exception e)
{
throw new RuntimeException("Unexpected " + e);
}
}
}
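Review bot: The class Javadoc repeats SASClientInitializer2's sentence and does not say that this is the server-side initializer: pre_init registers the `SASCurrent` initial reference, and post_init installs both SASClientIdentityInterceptor2 and SASTargetInterceptor and then hands the target interceptor to SASCurrentImpl2. I would state that in the Javadoc, along the lines of `Server-side ORBInitializer: registers SASCurrent, the outgoing identity interceptor and the incoming SASTargetInterceptor.` It is also worth documenting that the cast `(SASCurrentImpl2) obj` assumes no other initializer has registered "SASCurrent"; if one had, register_initial_reference in pre_init would presumably fail with InvalidName first.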