summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPhil Mesnier <mesnier_p@ociweb.com>2007-06-19 15:45:51 +0000
committerPhil Mesnier <mesnier_p@ociweb.com>2007-06-19 15:45:51 +0000
commit0440a770baceea2dbdb7f4f423bf03db9270a220 (patch)
treee027c02cd6f2b6555547c233866218df74600d05
parent6c127addcbbbd916af24f2c1d7f3a3a0807c0ad8 (diff)
downloadATCD-oci_mixed_security_2.tar.gz
* orbsvcs/Naming_Service/NT_Naming_Server.cpp:oci_mixed_security_2
Emacs compatibility fix. * orbsvcs/orbsvcs/SSLIOP/SSLIOP_Invocation_Interceptor.cpp: Clean up compilation errors from earlier commit. * orbsvcs/orbsvcs/Security/SL2_SecurityManager.h: * orbsvcs/orbsvcs/Security/SL2_SecurityManager.cpp: * orbsvcs/orbsvcs/SecurityLevel2.idl: Extended the add_object and remove_object parameter list to be consistent with the access_allowed_ex. This avoids having to do more invasive changes to existing TAO core libraries in order to map object references in a way that they can be reliably compared to target references. * orbsvcs/tests/Security/mixed_security_test/server.cpp: Modify use of add_object to be consistent with interface changes.
-rw-r--r--TAO/orbsvcs/Naming_Service/NT_Naming_Server.cpp2
-rw-r--r--TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Invocation_Interceptor.cpp10
-rw-r--r--TAO/orbsvcs/orbsvcs/Security/SL2_SecurityManager.cpp122
-rw-r--r--TAO/orbsvcs/orbsvcs/Security/SL2_SecurityManager.h26
-rw-r--r--TAO/orbsvcs/orbsvcs/SecurityLevel2.idl10
-rw-r--r--TAO/orbsvcs/tests/Security/mixed_security_test/server.cpp12
6 files changed, 118 insertions, 64 deletions
diff --git a/TAO/orbsvcs/Naming_Service/NT_Naming_Server.cpp b/TAO/orbsvcs/Naming_Service/NT_Naming_Server.cpp
index d510360f1a2..f8533a74e85 100644
--- a/TAO/orbsvcs/Naming_Service/NT_Naming_Server.cpp
+++ b/TAO/orbsvcs/Naming_Service/NT_Naming_Server.cpp
@@ -1,4 +1,4 @@
-// *- C++ -*-
+// -*- C++ -*-
// $Id$
// ============================================================================
diff --git a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Invocation_Interceptor.cpp b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Invocation_Interceptor.cpp
index a7293f1b11b..ddcf5182e5e 100644
--- a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Invocation_Interceptor.cpp
+++ b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Invocation_Interceptor.cpp
@@ -100,7 +100,7 @@ TAO::SSLIOP::Server_Invocation_Interceptor::receive_request (
this->sec2manager_->access_decision ();
TAO::SL2::AccessDecision_var ad =
TAO::SL2::AccessDecision::_narrow (ad_tmp.in ());
-
+
CORBA::Boolean const no_ssl =
this->ssliop_current_->no_context ();
@@ -119,7 +119,7 @@ TAO::SSLIOP::Server_Invocation_Interceptor::receive_request (
* Set up all the arguments needed by the call
* to AccessDecision::access_allowed()
*/
-
+
/* Get the credentials from SSLIOP */
SecurityLevel2::CredentialsList cred_list; // initial empty?
#if 0
@@ -134,7 +134,7 @@ TAO::SSLIOP::Server_Invocation_Interceptor::receive_request (
// the conversion at this level? I probably ought to do it as
// a real sec2_current with the conversion from sec3->sec2
// happening at a lower level.
-
+
cred_list.length(1);
cred_list[0] = rcvd_creds.in ();
/*
@@ -147,7 +147,7 @@ TAO::SSLIOP::Server_Invocation_Interceptor::receive_request (
#endif
/* Gather the elements that uniquely identify the target object */
- CORBA::ORBid_var orb_id = ri->orbid ();
+ CORBA::ORBid_var orb_id = ri->orb_id ();
CORBA::OctetSeq_var adapter_id = ri->adapter_id ();
CORBA::OctetSeq_var object_id = ri->object_id ();
@@ -157,7 +157,7 @@ TAO::SSLIOP::Server_Invocation_Interceptor::receive_request (
it_should_happen = ad->access_allowed_ex (orb_id.in (),
adapter_id.in (),
object_id.in (),
- cred_list.in (),
+ cred_list,
operation_name.in());
if (TAO_debug_level >= 3)
ACE_DEBUG ((LM_DEBUG,
diff --git a/TAO/orbsvcs/orbsvcs/Security/SL2_SecurityManager.cpp b/TAO/orbsvcs/orbsvcs/Security/SL2_SecurityManager.cpp
index 6b0b4bfb15c..8e7b22c66d1 100644
--- a/TAO/orbsvcs/orbsvcs/Security/SL2_SecurityManager.cpp
+++ b/TAO/orbsvcs/orbsvcs/Security/SL2_SecurityManager.cpp
@@ -3,6 +3,11 @@
#include "orbsvcs/Security/SL2_SecurityManager.h"
#include "tao/ORB_Constants.h"
+#include "ace/Functor.h"
+#include "tao/Object_KeyC.h"
+#include "tao/PortableServer/Root_POA.h"
+#include "tao/PortableServer/Object_Adapter.h"
+#include "tao/PortableServer/Creation_Time.h"
ACE_RCSID (Security,
SL2_SecurityManager,
@@ -75,14 +80,15 @@ TAO::Security::SecurityManager::get_target_credentials (CORBA::Object_ptr /*o*/)
}
void
-TAO::Security::SecurityManager::remove_own_credentials (
- SecurityLevel2::Credentials_ptr creds)
+TAO::Security::SecurityManager::remove_own_credentials
+ (SecurityLevel2::Credentials_ptr /*creds*/)
{
throw CORBA::NO_IMPLEMENT ();
}
-
+
CORBA::Policy_ptr
-TAO::Security::SecurityManager::get_security_policy (CORBA::PolicyType policy_type)
+TAO::Security::SecurityManager::get_security_policy
+(CORBA::PolicyType /*policy_type */)
{
throw CORBA::NO_IMPLEMENT ();
}
@@ -92,14 +98,20 @@ TAO::Security::SecurityManager::get_security_policy (CORBA::PolicyType policy_ty
*/
bool
-TAO::Security::AccessDecision::ReferenceKeyType::operator== (const ReferenceKeyType& other) const
+TAO::Security::AccessDecision::ReferenceKeyType::operator==
+ (const ReferenceKeyType& other) const
{
- if (this->oid_ == other.oid_
- && this->adapter_id_ == other.adapter_id_
- && (ACE_OS_String::strcmp (this->orbid_.in(), other.orbid_.in()) == 0) )
- return true;
- else
- return false;
+ ::CORBA::ULong olen = this->oid_->length();
+ ::CORBA::ULong alen = this->adapter_id_->length();
+
+ if (olen == other.oid_->length() &&
+ alen == other.adapter_id_->length())
+ return (ACE_OS::memcmp (this->oid_->get_buffer(),
+ other.oid_->get_buffer(),olen) == 0 &&
+ ACE_OS::memcmp (this->adapter_id_->get_buffer(),
+ other.adapter_id_->get_buffer(),alen) == 0 &&
+ ACE_OS_String::strcmp (this->orbid_.in(), other.orbid_.in()) == 0);
+ return false;
}
CORBA::ULong
@@ -108,7 +120,6 @@ TAO::Security::AccessDecision::ReferenceKeyType::hash () const
return 0;
}
-const char*
TAO::Security::AccessDecision::ReferenceKeyType::operator const char* () const
{
return "<hardcoded refkey>";
@@ -124,39 +135,19 @@ TAO::Security::AccessDecision::~AccessDecision ()
}
TAO::Security::AccessDecision::OBJECT_KEY
-TAO::Security::AccessDecision::map_key_from_objref (CORBA::Object_ptr obj)
+TAO::Security::AccessDecision::map_key_from_objref (CORBA::Object_ptr /*obj */)
{
- OBJECT_KEY key;
+ ACE_ERROR ((LM_ERROR,"map_key_from_objref is currently not implemented\n"));
+ throw CORBA::NO_IMPLEMENT();
+ OBJECT_KEY key;
return key;
}
CORBA::Boolean
-TAO::Security::AccessDecision::access_allowed_ex (
- const char * orb_id,
- const ::CORBA::OctetSeq & adapter_id,
- const ::CORBA::OctetSeq & object_id,
- const ::SecurityLevel2::CredentialsList & cred_list,
- const char * operation_name)
-{
- // Obviously this is an incorrect trivial implementation ;)
- return true;
-}
-
-CORBA::Boolean
-TAO::Security::AccessDecision::access_allowed (
- const ::SecurityLevel2::CredentialsList & cred_list,
- ::CORBA::Object_ptr target,
- const char * operation_name,
- const char * target_interface_name
- )
+TAO::Security::AccessDecision::access_allowed_i (OBJECT_KEY &key,
+ const char *operation_name)
{
- // @@ I still don't know what we do with the cred_list in here...
- // Do we inspect it?
-
- // Turn the target into what we'll use as a key into the map.
- OBJECT_KEY key = this->map_key_from_objref (target);
-
// LOCK THE MAP!
ACE_GUARD_RETURN (TAO_SYNCH_MUTEX, guard, this->map_lock_,
this->default_allowance_decision_);
@@ -188,14 +179,52 @@ TAO::Security::AccessDecision::access_allowed (
// For now we just return the default.
return access_decision;
+
+}
+
+CORBA::Boolean
+TAO::Security::AccessDecision::access_allowed_ex (
+ const char * orb_id,
+ const ::CORBA::OctetSeq & adapter_id,
+ const ::CORBA::OctetSeq & object_id,
+ const ::SecurityLevel2::CredentialsList & /*cred_list */,
+ const char * operation_name)
+{
+ OBJECT_KEY key;
+ key.orbid_ = orb_id;
+ key.adapter_id_ = adapter_id;
+ key.oid_ = object_id;
+
+ return this->access_allowed_i (key, operation_name);
+}
+
+CORBA::Boolean
+TAO::Security::AccessDecision::access_allowed
+ (const ::SecurityLevel2::CredentialsList & /*cred_list */,
+ ::CORBA::Object_ptr target,
+ const char * operation_name,
+ const char * /*target_interface_name */)
+{
+ // @@ I still don't know what we do with the cred_list in here...
+ // Do we inspect it?
+
+ // Turn the target into what we'll use as a key into the map.
+ OBJECT_KEY key = this->map_key_from_objref (target);
+ return this->access_allowed_i (key, operation_name);
}
void
-TAO::Security::AccessDecision::add_object (CORBA::Object_ptr obj,
- CORBA::Boolean allow_insecure_access)
+TAO::Security::AccessDecision::add_object
+ (const char * orb_id,
+ const ::CORBA::OctetSeq & adapter_id,
+ const ::CORBA::OctetSeq & object_id,
+ CORBA::Boolean allow_insecure_access)
{
// make a key from 'obj'
- OBJECT_KEY key = this->map_key_from_objref (obj);
+ OBJECT_KEY key;
+ key.orbid_ = orb_id;
+ key.adapter_id_ = adapter_id;
+ key.oid_ = object_id;
// bind it into the access_map_, replacing anything that's there.
// LOCK THE MAP!
@@ -236,10 +265,15 @@ TAO::Security::AccessDecision::add_object (CORBA::Object_ptr obj,
}
void
-TAO::Security::AccessDecision::remove_object (CORBA::Object_ptr obj)
+TAO::Security::AccessDecision::remove_object
+ (const char * orb_id,
+ const ::CORBA::OctetSeq & adapter_id,
+ const ::CORBA::OctetSeq & object_id)
{
- // make a key from 'obj'
- OBJECT_KEY key = this->map_key_from_objref (obj);
+ OBJECT_KEY key;
+ key.orbid_ = orb_id;
+ key.adapter_id_ = adapter_id;
+ key.oid_ = object_id;
ACE_Hash<OBJECT_KEY> hash;
diff --git a/TAO/orbsvcs/orbsvcs/Security/SL2_SecurityManager.h b/TAO/orbsvcs/orbsvcs/Security/SL2_SecurityManager.h
index 5646410dac0..32da7a31219 100644
--- a/TAO/orbsvcs/orbsvcs/Security/SL2_SecurityManager.h
+++ b/TAO/orbsvcs/orbsvcs/Security/SL2_SecurityManager.h
@@ -58,7 +58,7 @@ namespace TAO
/*! Constructor */
AccessDecision (/* not yet known */);
~AccessDecision (void);
-
+
virtual ::CORBA::Boolean access_allowed (
const ::SecurityLevel2::CredentialsList & cred_list,
::CORBA::Object_ptr target,
@@ -76,9 +76,14 @@ namespace TAO
virtual ::CORBA::Boolean default_decision (void);
virtual void default_decision (::CORBA::Boolean d);
- virtual void add_object (::CORBA::Object_ptr obj,
- ::CORBA::Boolean allow_insecure_access);
- virtual void remove_object (::CORBA::Object_ptr obj);
+ virtual void add_object (const char * orbid,
+ const ::CORBA::OctetSeq & adapter_id,
+ const ::CORBA::OctetSeq & object_id,
+ ::CORBA::Boolean allow_insecure_access);
+
+ virtual void remove_object (const char * orbid,
+ const ::CORBA::OctetSeq & adapter_id,
+ const ::CORBA::OctetSeq & object_id);
private:
/*!
@@ -112,7 +117,7 @@ namespace TAO
CORBA::ULong hash() const;
// operator kind of like a "toString()" for debug statements
- operator const char* () const;
+ operator const char * () const;
};
typedef ReferenceKeyType OBJECT_KEY;
// This is typedef'd because we might try to do something fancier
@@ -128,7 +133,7 @@ namespace TAO
ACE_Equal_To<OBJECT_KEY>,
ACE_Null_Mutex> // not sure this is right
ACCESS_MAP_TYPE;
-
+
ACCESS_MAP_TYPE access_map_;
// Lock for accessing the map. It may be possible to get away with
@@ -139,11 +144,18 @@ namespace TAO
private:
/*!
* @brief Encapsulates a TAO-specific way to do object_to_string() without having an ORB reference handy.
- *
+ *
* @note If OBJECT_KEY changes as described above, this should change
* so that it generates an OBJECT_KEY.
*/
OBJECT_KEY map_key_from_objref (CORBA::Object_ptr obj);
+
+ //
+ // This is the private implementation that is common to both
+ // access_allowed and access_allowed_ex.
+ ::CORBA::Boolean access_allowed_i (OBJECT_KEY& key,
+ const char *operation_name);
+
};
/**
diff --git a/TAO/orbsvcs/orbsvcs/SecurityLevel2.idl b/TAO/orbsvcs/orbsvcs/SecurityLevel2.idl
index 4aad2543911..c59afee58bc 100644
--- a/TAO/orbsvcs/orbsvcs/SecurityLevel2.idl
+++ b/TAO/orbsvcs/orbsvcs/SecurityLevel2.idl
@@ -291,9 +291,13 @@ module TAO {
/*! Establish whether a particular object can be accessed via insecure
means. */
- void add_object (in Object obj,
- in boolean allow_insecure_access);
- void remove_object (in Object obj);
+ void add_object (in ::CORBA::ORBid orb_id,
+ in ::CORBA::OctetSeq adapter_id,
+ in ::CORBA::OctetSeq object_id,
+ in boolean allow_insecure_access);
+ void remove_object (in ::CORBA::ORBid orb_id,
+ in ::CORBA::OctetSeq adapter_id,
+ in ::CORBA::OctetSeq object_id);
// Should there be some kind of "find" interface?
};
diff --git a/TAO/orbsvcs/tests/Security/mixed_security_test/server.cpp b/TAO/orbsvcs/tests/Security/mixed_security_test/server.cpp
index c26bbcff395..b55a5f3a268 100644
--- a/TAO/orbsvcs/tests/Security/mixed_security_test/server.cpp
+++ b/TAO/orbsvcs/tests/Security/mixed_security_test/server.cpp
@@ -73,7 +73,7 @@ init_and_setup (int& argc,
orb = CORBA::ORB_init (argc, argv);
rootpoa = rir<PortableServer::POA> (orb, "RootPOA");
poamgr = rootpoa->the_POAManager();
-
+
sl3current =
rir<SecurityLevel3::SecurityCurrent>(orb, "SecurityLevel3:SecurityCurrent");
@@ -157,12 +157,16 @@ main (int argc, char *argv[])
// 3. Create servant #2 of Foo_i, and its associated Object
ACE_NEW_RETURN (server2, Foo_i (orb.in(), sl3current.in()), 1);
- Foo::Bar_var server2_obj = server2->_this ();
+
+ Foo::Bar_var server2_obj = server2->_this();
ACE_DEBUG ((LM_DEBUG, "mixed_security/server: "
"created servant/object #2\n"));
// 4. add servant #2's Object reference to the "permitted" list.
- sl2ad->add_object (server2_obj.in(), true);
+ PortableServer::ObjectId_var oid = rootpoa->servant_to_id (server2);
+ CORBA::OctetSeq_var poaid = rootpoa->id();
+ CORBA::String_var orbid = orb->id();
+ sl2ad->add_object (orbid.in(), poaid.in(), oid.in(), true);
ACE_DEBUG ((LM_DEBUG, "mixed_security/server: "
"added object #2 as a permitted reference for "
"non-secure invocations\n"));
@@ -177,7 +181,7 @@ main (int argc, char *argv[])
// 6. activate the POA manager
poamgr->activate ();
-
+
// 7. run the orb.
ACE_DEBUG ((LM_DEBUG, "mixed_security/server: "
"running the orb\n"));