summaryrefslogtreecommitdiff
path: root/TAO/orbsvcs/orbsvcs/CSIv2
diff options
context:
space:
mode:
Diffstat (limited to 'TAO/orbsvcs/orbsvcs/CSIv2')
-rw-r--r--TAO/orbsvcs/orbsvcs/CSIv2/CSI_Utils.cpp2
-rw-r--r--TAO/orbsvcs/orbsvcs/CSIv2/CSI_Utils.h2
-rw-r--r--TAO/orbsvcs/orbsvcs/CSIv2/CSS_RequestInterceptor.cpp173
-rw-r--r--TAO/orbsvcs/orbsvcs/CSIv2/CSS_RequestInterceptor.h27
-rw-r--r--TAO/orbsvcs/orbsvcs/CSIv2/TSS_RequestInterceptor.cpp89
-rw-r--r--TAO/orbsvcs/orbsvcs/CSIv2/TSS_RequestInterceptor.h1
6 files changed, 190 insertions, 104 deletions
diff --git a/TAO/orbsvcs/orbsvcs/CSIv2/CSI_Utils.cpp b/TAO/orbsvcs/orbsvcs/CSIv2/CSI_Utils.cpp
index 8e9c5b72870..76ee8892c61 100644
--- a/TAO/orbsvcs/orbsvcs/CSIv2/CSI_Utils.cpp
+++ b/TAO/orbsvcs/orbsvcs/CSIv2/CSI_Utils.cpp
@@ -10,7 +10,7 @@ ACE_RCSID (CSIv2,
void
-TAO::CSI_Utils:create_sas_service_context (
+TAO::CSI_Utils::create_sas_service_context (
const CSI::SASContextBody & sas_context,
IOP::ServiceContext & sc)
{
diff --git a/TAO/orbsvcs/orbsvcs/CSIv2/CSI_Utils.h b/TAO/orbsvcs/orbsvcs/CSIv2/CSI_Utils.h
index 038e6523979..2f1ec3c1fc6 100644
--- a/TAO/orbsvcs/orbsvcs/CSIv2/CSI_Utils.h
+++ b/TAO/orbsvcs/orbsvcs/CSIv2/CSI_Utils.h
@@ -31,7 +31,7 @@ namespace CSI
namespace TAO
{
- namespace CSI_Util
+ namespace CSI_Utils
{
/// Populate given IOP::ServiceContext with given CSI::SASContextBody.
void create_sas_service_context (const CSI::SASContextBody & sas_context,
diff --git a/TAO/orbsvcs/orbsvcs/CSIv2/CSS_RequestInterceptor.cpp b/TAO/orbsvcs/orbsvcs/CSIv2/CSS_RequestInterceptor.cpp
index 7e1706f31d5..9cab862f757 100644
--- a/TAO/orbsvcs/orbsvcs/CSIv2/CSS_RequestInterceptor.cpp
+++ b/TAO/orbsvcs/orbsvcs/CSIv2/CSS_RequestInterceptor.cpp
@@ -31,19 +31,32 @@ TAO::CSS_RequestInterceptor::send_request (
ACE_THROW_SPEC ((CORBA::SystemException,
PortableInterceptor::ForwardRequest))
{
+ CSI::AuthorizationToken at;
- CSI::SASContextBody sas_context;
+ this->get_authorization_token (at
+ ACE_ENV_ARG_PARAMETER);
+ ACE_CHECK;
+
+ CSI::IdentityToken it;
- const CORBA::Boolean context_created =
- this->get_sas_context_body (info,
- sas_context
- ACE_ENV_ARG_PARAMETER);
+ this->get_identity_token (it
+ ACE_ENV_ARG_PARAMETER);
ACE_CHECK;
+ CSI::GSSToken gt;
+
+ this->get_gss_token (gt
+ ACE_ENV_ARG_PARAMETER);
+ ACE_CHECK;
+
+ CSI::EstablishContext ec;
+
ec.client_context_id = 0; // Stateless CSS
- ec.authorization_token = /* Retrieve from ATLAS */;
- ec.identity_token = /* A discriminated union. */;
- ec.client_authentication_token = /* */;
+ ec.authorization_token = at;
+ ec.identity_token = it;
+ ec.client_authentication_token = gt;
+
+ CSI::SASContextBody sas_context;
sas_context.establish_msg (ec);
@@ -52,11 +65,11 @@ TAO::CSS_RequestInterceptor::send_request (
TAO::CSI_Utils::create_sas_service_context (sas_context, sc);
- const CORBA::boolean replace = 0;
+ const CORBA::Boolean replace = 0;
- ri->add_request_service_context (service_context,
- replace
- ACE_ENV_ARG_PARAMETER);
+ info->add_request_service_context (sc,
+ replace
+ ACE_ENV_ARG_PARAMETER);
ACE_CHECK;
}
@@ -77,7 +90,7 @@ TAO::CSS_RequestInterceptor::receive_reply (
CSI::SASContextBody sas_context;
// Extract CSI::ContextError structure from CSI::SASContextBody.
- const CORBA::Boolean found_context_error =
+ const bool found_sas_context =
this->extract_sas_context (info,
sas_context
ACE_ENV_ARG_PARAMETER);
@@ -92,13 +105,14 @@ TAO::CSS_RequestInterceptor::receive_reply (
switch (msg_type)
{
case CSI::MTCompleteEstablishContext: // Stateful CSS only.
-
- const CSI::CompleteEstablishContext & cec =
- sas_context.complete_msg ();
-
- this->complete_context (cec.client_context_id,
- cec.context_stateful);
-
+ {
+ const CSI::CompleteEstablishContext & cec =
+ sas_context.complete_msg ();
+
+ this->complete_context (cec
+ ACE_ENV_ARG_PARAMETER);
+ ACE_CHECK;
+ }
break;
default:
@@ -135,7 +149,7 @@ TAO::CSS_RequestInterceptor::receive_exception (
CSI::SASContextBody sas_context;
// Extract CSI::ContextError structure from CSI::SASContextBody.
- const CORBA::Boolean found_sas_context =
+ const bool found_sas_context =
this->extract_sas_context (info,
sas_context
ACE_ENV_ARG_PARAMETER);
@@ -150,36 +164,37 @@ TAO::CSS_RequestInterceptor::receive_exception (
switch (msg_type)
{
case CSI::MTContextError:
-
- const CSI::ContextError & ce = sas_context.error_msg ();
-
- if (ce.minor == 1)
- {
- if (ce.major == 1) // Invalid evidence
- {
- // Re-collect authentication evidence and try
- // again.
- }
- else if (ce.major == 3) // Conflicting evidence
- {
- // Stateful CSS only
- this->invalidate_context (ce.client_context_id);
-
- // Done. Allow the exception to propagate to
- // the caller.
- }
- else if (ce.major == 4) // No context
- {
- // Stateful CSS only
- this->invalidate_context (ce.client_context_id);
-
- // @@ Restart invocation with new context.
- }
-
- // Don't do anything for the "invalid mechanism"
- // case (i.e. major == 2). Just allow the exception
- // to propagate to the caller.
- }
+ {
+ const CSI::ContextError & ce = sas_context.error_msg ();
+
+ if (ce.minor_status == 1)
+ {
+ if (ce.major_status == 1) // Invalid evidence
+ {
+ // Re-collect authentication evidence and try
+ // again.
+ }
+ else if (ce.major_status == 3) // Conflicting evidence
+ {
+ // Stateful CSS only
+ this->invalidate_context (ce);
+
+ // Done. Allow the exception to propagate to
+ // the caller.
+ }
+ else if (ce.major_status == 4) // No context
+ {
+ // Stateful CSS only
+ this->invalidate_context (ce);
+
+ // @@ Restart invocation with new context.
+ }
+
+ // Don't do anything for the "invalid mechanism"
+ // case (i.e. major == 2). Just allow the exception
+ // to propagate to the caller.
+ }
+ }
break;
@@ -203,9 +218,9 @@ TAO::CSS_RequestInterceptor::receive_other (
// No need to anything for the oneway and LOCATION_FORWARD case.
}
-CORBA::Boolean
-TAO::TSS_RequestInterceptor::extract_sas_context (
- PortableInterceptor::ServerRequestInfo_ptr info,
+bool
+TAO::CSS_RequestInterceptor::extract_sas_context (
+ PortableInterceptor::ClientRequestInfo_ptr info,
CSI::SASContextBody & sas_context
ACE_ENV_ARG_DECL)
{
@@ -220,12 +235,12 @@ TAO::TSS_RequestInterceptor::extract_sas_context (
ACE_CATCH (CORBA::BAD_PARAM, ex)
{
if (ex.minor () == (CORBA::OMGVMCID | 26))
- return 0;
+ return false;
else
ACE_RE_THROW;
}
ACE_ENDTRY;
- ACE_CHECK_RETURN (0);
+ ACE_CHECK_RETURN (false);
if (sc->context_id != IOP::SecurityAttributeService)
{
@@ -233,13 +248,53 @@ TAO::TSS_RequestInterceptor::extract_sas_context (
// ServiceContext corresponding to the CSI::SASContextBody.
//
// @@ Correct exception?
- ACE_THROW_RETURN (CORBA::BAD_PARAM (), 0);
+ ACE_THROW_RETURN (CORBA::BAD_PARAM (), false);
}
// Extract CSI::SASContextBody from given IOP::ServiceContext.
if (!TAO::CSI_Utils::extract_sas_service_context (sc.in (),
sas_context))
- ACE_THROW_RETURN (CORBA::MARSHAL (), 0);
+ ACE_THROW_RETURN (CORBA::MARSHAL (), false);
+
+ return true; // Successfully extracted CSI::SASContextBody.
+}
+
+void
+TAO::CSS_RequestInterceptor::get_authorization_token (
+ CSI::AuthorizationToken & /* t */
+ ACE_ENV_ARG_DECL_NOT_USED)
+{
+ ACE_ASSERT (0); // Fill in the blanks!
+}
- return 1; // Successfully extracted CSI::SASContextBody.
+void
+TAO::CSS_RequestInterceptor::get_identity_token (
+ CSI::IdentityToken & /* t */
+ ACE_ENV_ARG_DECL_NOT_USED)
+{
+ ACE_ASSERT (0); // Fill in the blanks!
+}
+
+void
+TAO::CSS_RequestInterceptor::get_gss_token (
+ CSI::GSSToken & /* t */
+ ACE_ENV_ARG_DECL_NOT_USED)
+{
+ ACE_ASSERT (0); // Fill in the blanks!
+}
+
+void
+TAO::CSS_RequestInterceptor::complete_context (
+ const CSI::CompleteEstablishContext & /* cec */
+ ACE_ENV_ARG_DECL_NOT_USED)
+{
+ ACE_ASSERT (0); // Fill in the blanks!
+}
+
+void
+TAO::CSS_RequestInterceptor::invalidate_context (
+ const CSI::ContextError & /* ce */
+ ACE_ENV_ARG_DECL_NOT_USED)
+{
+ ACE_ASSERT (0); // Fill in the blanks!
}
diff --git a/TAO/orbsvcs/orbsvcs/CSIv2/CSS_RequestInterceptor.h b/TAO/orbsvcs/orbsvcs/CSIv2/CSS_RequestInterceptor.h
index 21288770eeb..f0e2ef2ae2e 100644
--- a/TAO/orbsvcs/orbsvcs/CSIv2/CSS_RequestInterceptor.h
+++ b/TAO/orbsvcs/orbsvcs/CSIv2/CSS_RequestInterceptor.h
@@ -24,6 +24,8 @@
# pragma once
#endif /* ACE_LACKS_PRAGMA_ONCE */
+#include "orbsvcs/CSIC.h"
+
#include "tao/PortableInterceptorC.h"
#include "tao/LocalObject.h"
@@ -34,7 +36,6 @@
#pragma warning(disable:4250)
#endif /* _MSC_VER */
-
namespace TAO
{
/**
@@ -52,7 +53,7 @@ namespace TAO
public:
/// Constructor.
- CSS_Requestinterceptor (void);
+ CSS_RequestInterceptor (void);
/**
* @name Methods Required by the Client Request Interceptor
@@ -95,6 +96,28 @@ namespace TAO
PortableInterceptor::ForwardRequest));
//@}
+ private:
+
+ ///
+ bool extract_sas_context (PortableInterceptor::ClientRequestInfo_ptr info,
+ CSI::SASContextBody & sas_context
+ ACE_ENV_ARG_DECL);
+
+ void get_authorization_token (CSI::AuthorizationToken & t
+ ACE_ENV_ARG_DECL);
+
+ void get_identity_token (CSI::IdentityToken & t
+ ACE_ENV_ARG_DECL);
+
+ void get_gss_token (CSI::GSSToken & t
+ ACE_ENV_ARG_DECL);
+
+ void complete_context (const CSI::CompleteEstablishContext & /* cec */
+ ACE_ENV_ARG_DECL);
+
+ void invalidate_context (const CSI::ContextError & /* ce */
+ ACE_ENV_ARG_DECL);
+
};
} // End TAO namespace
diff --git a/TAO/orbsvcs/orbsvcs/CSIv2/TSS_RequestInterceptor.cpp b/TAO/orbsvcs/orbsvcs/CSIv2/TSS_RequestInterceptor.cpp
index 6379aba12ad..6cd5cbef37c 100644
--- a/TAO/orbsvcs/orbsvcs/CSIv2/TSS_RequestInterceptor.cpp
+++ b/TAO/orbsvcs/orbsvcs/CSIv2/TSS_RequestInterceptor.cpp
@@ -1,6 +1,8 @@
#include "TSS_RequestInterceptor.h"
#include "CSI_Utils.h"
+#include "orbsvcs/CSIC.h"
+
ACE_RCSID (CSIv2,
TSS_RequestInterceptor,
@@ -30,7 +32,7 @@ TAO::TSS_RequestInterceptor::receive_request_service_contexts (
CSI::SASContextBody sas_context;
// Extract CSI::SASContextBody union from IOP::ServiceContext.
- const CORBA::Boolean found_sas_context =
+ const bool found_sas_context =
this->extract_sas_context (info,
sas_context
ACE_ENV_ARG_PARAMETER);
@@ -48,30 +50,35 @@ TAO::TSS_RequestInterceptor::receive_request_service_contexts (
switch (msg_type)
{
case CSI::MTEstablishContext:
- CORBA::Boolean stateful;
-
- if (!this->accept_context (info,
- oneway,
- sas_context.establish_msg (),
- stateful))
- ACE_THROW (CORBA::NO_PERMISSION ());
+ {
+ bool stateful;
- // Success!
+ const CSI::EstablishContext & ec = sas_context.establish_msg ();
- // Only add CSI::CompleteEstablishContext to
- // ServiceContextList for twoway calls, i.e those that
- // expect a response. Don't bother for oneway calls. This
- // is merely an optimization.
- if (!oneway)
- {
- this->add_complete_establish_context (info,
- ec.client_context_id,
- stateful,
- final_context_token
- ACE_ENV_ARG_PARAMETER);
- ACE_CHECK;
- }
+ if (!this->accept_context (info,
+ oneway,
+ ec,
+ stateful))
+ ACE_THROW (CORBA::NO_PERMISSION ());
+ // Success!
+
+ CSI::GSSToken final_context_token;
+
+ // Only add CSI::CompleteEstablishContext to
+ // ServiceContextList for twoway calls, i.e those that
+ // expect a response. Don't bother for oneway calls. This
+ // is merely an optimization.
+ if (!oneway)
+ {
+ this->add_complete_establish_context (info,
+ ec.client_context_id,
+ stateful,
+ final_context_token
+ ACE_ENV_ARG_PARAMETER);
+ ACE_CHECK;
+ }
+ }
break;
case CSI::MTMessageInContext:
@@ -162,23 +169,23 @@ TAO::TSS_RequestInterceptor::send_other (
{
}
-CORBA::Boolean
+bool
TAO::TSS_RequestInterceptor::accept_transport_context (void)
{
/**
* @todo Query the transport layer.
*/
- return 1; // Context accepted.
+ return true; // Context accepted.
}
-CORBA::Boolean
+bool
TAO::TSS_RequestInterceptor::accept_context (
PortableInterceptor::ServerRequestInfo_ptr info,
CORBA::Boolean oneway,
const CSI::EstablishContext & ec,
- CORBA::Boolean & stateful
- ACE_ENV_ARG_PARAMETER)
+ bool & stateful
+ ACE_ENV_ARG_DECL)
{
ErrorCode error_code = /**/;
@@ -214,7 +221,7 @@ TAO::TSS_RequestInterceptor::accept_context (
else if (error_code == POLICY_CHANGE)
{
ACE_THROW_RETURN (PortableInterceptor::ForwardRequest (),
- 0);
+ false);
}
this->add_context_error (ec.client_context_id,
@@ -222,18 +229,18 @@ TAO::TSS_RequestInterceptor::accept_context (
minor,
error_token
ACE_ENV_ARG_PARAMETER);
- ACE_CHECK_RETURN (0);
+ ACE_CHECK_RETURN (false);
- return 0;
+ return false;
}
if (ec.client_context_id == 0)
- stateful = 0; // Do not establish stateful context for clients
- // that request a stateless one.
+ stateful = false; // Do not establish stateful context for clients
+ // that request a stateless one.
else
- stateful = 0; // TAO TSS isn't stateful yet.
+ stateful = false; // TAO TSS isn't stateful yet.
- return 1; // Context accepted.
+ return true; // Context accepted.
}
void
@@ -247,7 +254,7 @@ TAO::TSS_RequestInterceptor::discard_context (CSI::ContextId context_id)
{
}
-CORBA::Boolean
+bool
TAO::TSS_RequestInterceptor::extract_sas_context (
PortableInterceptor::ServerRequestInfo_ptr info,
CSI::SASContextBody & sas_context
@@ -264,12 +271,12 @@ TAO::TSS_RequestInterceptor::extract_sas_context (
ACE_CATCH (CORBA::BAD_PARAM, ex)
{
if (ex.minor () == (CORBA::OMGVMCID | 26))
- return 0;
+ return false;
else
ACE_RE_THROW;
}
ACE_ENDTRY;
- ACE_CHECK_RETURN (0);
+ ACE_CHECK_RETURN (false);
if (sc->context_id != IOP::SecurityAttributeService)
{
@@ -278,15 +285,15 @@ TAO::TSS_RequestInterceptor::extract_sas_context (
//
// @@ Correct exception? If so, should ContextError be added to
// the exception reply ServiceContextList.
- ACE_THROW_RETURN (CORBA::NO_PERMISSION (), 0);
+ ACE_THROW_RETURN (CORBA::NO_PERMISSION (), false);
}
// Extract CSI::SASContextBody from given IOP::ServiceContext.
if (!TAO::CSI_Utils::extract_sas_service_context (sc.in (),
sas_context))
- ACE_THROW_RETURN (CORBA::MARSHAL (), 0);
+ ACE_THROW_RETURN (CORBA::MARSHAL (), false);
- return 1; // Successfully extracted CSI::SASContextBody.
+ return true; // Successfully extracted CSI::SASContextBody.
}
void
@@ -368,7 +375,7 @@ TAO::TSS_RequestInterceptor::add_sas_context (
// Create IOP::ServiceContext containing CSI::SASContextBody union.
IOP::ServiceContext sc;
- TAO::CSI_Util::create_sas_service_context (sas, sc);
+ TAO::CSI_Utils::create_sas_service_context (sas, sc);
// Another IOP::SecurityAttributeService ServiceContext should not
// exist in the reply's ServiceContextList.
diff --git a/TAO/orbsvcs/orbsvcs/CSIv2/TSS_RequestInterceptor.h b/TAO/orbsvcs/orbsvcs/CSIv2/TSS_RequestInterceptor.h
index 42cb7ea4acb..2ed2e45a39c 100644
--- a/TAO/orbsvcs/orbsvcs/CSIv2/TSS_RequestInterceptor.h
+++ b/TAO/orbsvcs/orbsvcs/CSIv2/TSS_RequestInterceptor.h
@@ -23,6 +23,7 @@
# pragma once
#endif /* ACE_LACKS_PRAGMA_ONCE */
+#include "tao/PortableInterceptorC.h"
#include "tao/LocalObject.h"
#if defined(_MSC_VER)
View Lorry Controller Status