TAO_SSLIOP: SSLIOP_ORBInitializer.cpp Source File

00001 #include "orbsvcs/SSLIOP/SSLIOP_ORBInitializer.h"
00002 
00003 
00004 ACE_RCSID (SSLIOP,
00005            SSLIOP_ORBInitializer,
00006            "SSLIOP_ORBInitializer.cpp,v 1.21 2006/03/14 06:14:35 jtc Exp")
00007 
00008 
00009 #include "orbsvcs/SSLIOP/SSLIOP_Current.h"
00010 #include "orbsvcs/SSLIOP/SSLIOP_Invocation_Interceptor.h"
00011 //#include "SSLIOP_IORInterceptor.h"
00012 #include "orbsvcs/SSLIOP/SSLIOP_CredentialsAcquirerFactory.h"
00013 
00014 #include "orbsvcs/Security/SL3_SecurityCurrent.h"
00015 #include "orbsvcs/Security/SL3_CredentialsCurator.h"
00016 
00017 #include "orbsvcs/SSLIOPC.h"
00018 #include "orbsvcs/CSIIOPC.h"
00019 
00020 #include "tao/Exception.h"
00021 #include "tao/PI/ORBInitInfo.h"
00022 #include "tao/debug.h"
00023 
00024 #include "ace/Auto_Ptr.h"
00025 
00026 
00027 TAO_BEGIN_VERSIONED_NAMESPACE_DECL
00028 
00029 TAO::SSLIOP::ORBInitializer::ORBInitializer (
00030   ::Security::QOP qop,
00031   CSIIOP::AssociationOptions csiv2_target_supports,
00032   CSIIOP::AssociationOptions csiv2_target_requires)
00033   : qop_ (qop),
00034     csiv2_target_supports_ (csiv2_target_supports),
00035     csiv2_target_requires_ (csiv2_target_requires)
00036 {
00037 }
00038 
00039 void
00040 TAO::SSLIOP::ORBInitializer::pre_init (
00041     PortableInterceptor::ORBInitInfo_ptr info
00042     ACE_ENV_ARG_DECL)
00043   ACE_THROW_SPEC ((CORBA::SystemException))
00044 {
00045   TAO_ORBInitInfo_var tao_info =
00046     TAO_ORBInitInfo::_narrow (info
00047                               ACE_ENV_ARG_PARAMETER);
00048   ACE_CHECK;
00049 
00050   if (CORBA::is_nil (tao_info.in ()))
00051     ACE_THROW (CORBA::INV_OBJREF ());
00052 
00053   // SSLIOP doesn't use the ORB Core until a request invocation occurs
00054   // so there is no problem in retrieving the ORB Core pointer in this
00055   // pre_init() method.
00056   TAO_ORB_Core *orb_core = tao_info->orb_core ();
00057 
00058   // Create the SSLIOP::Current object.
00059   // Note that a new SSLIOP::Current object is created for each ORB.
00060   // It wouldn't be very useful to share security context information
00061   // with another ORB that isn't configured with security, for
00062   // example.
00063   SSLIOP::Current_ptr current;
00064   ACE_NEW_THROW_EX (current,
00065                     TAO::SSLIOP::Current (orb_core),
00066                     CORBA::NO_MEMORY (
00067                       CORBA::SystemException::_tao_minor_code (
00068                         TAO::VMCID,
00069                         ENOMEM),
00070                       CORBA::COMPLETED_NO));
00071   ACE_CHECK;
00072 
00073   SSLIOP::Current_var ssliop_current = current;
00074 
00075   // Register the SSLIOP::Current object reference with the ORB.
00076   info->register_initial_reference ("SSLIOPCurrent",
00077                                     ssliop_current.in ()
00078                                     ACE_ENV_ARG_PARAMETER);
00079   ACE_CHECK;
00080 }
00081 
00082 void
00083 TAO::SSLIOP::ORBInitializer::post_init (
00084     PortableInterceptor::ORBInitInfo_ptr info
00085     ACE_ENV_ARG_DECL)
00086   ACE_THROW_SPEC ((CORBA::SystemException))
00087 {
00088   // Note we do not store the SSLIOP::Current as a class member since
00089   // we need to avoid potential problems where the same
00090   // SSLIOP::Current object is shared between ORBs.  Each ORB should
00091   // have its own unique SSLIOP::Current object.  By obtaining the
00092   // SSLIOP::Current object from the resolve_initial_references()
00093   // mechanism, we are guaranteed that the SSLIOP::Current object is
00094   // specific to the ORB being initialized since a new SSLIOP::Current
00095   // object is registered for each ORB in this ORBInitializer's
00096   // pre_init() method.
00097 
00098   CORBA::Object_var obj =
00099     info->resolve_initial_references ("SSLIOPCurrent"
00100                                       ACE_ENV_ARG_PARAMETER);
00101   ACE_CHECK;
00102 
00103   SSLIOP::Current_var ssliop_current =
00104     SSLIOP::Current::_narrow (obj.in () ACE_ENV_ARG_PARAMETER);
00105   ACE_CHECK;
00106 
00107   if (!CORBA::is_nil (ssliop_current.in ()))
00108     {
00109       TAO::SSLIOP::Current *tao_current =
00110         dynamic_cast<TAO::SSLIOP::Current *> (ssliop_current.in ());
00111 
00112       if (tao_current != 0)
00113         {
00114           const size_t slot =
00115             this->get_tss_slot_id (info ACE_ENV_ARG_PARAMETER);
00116           ACE_CHECK;
00117 
00118           tao_current->tss_slot (slot);
00119         }
00120       else
00121         ACE_THROW (CORBA::INTERNAL ());
00122     }
00123 
00124   // Create the SSLIOP secure invocation server request interceptor.
00125   PortableInterceptor::ServerRequestInterceptor_ptr si =
00126     PortableInterceptor::ServerRequestInterceptor::_nil ();
00127   ACE_NEW_THROW_EX (si,
00128                     TAO::SSLIOP::Server_Invocation_Interceptor (
00129                       ssliop_current.in (),
00130                       this->qop_),
00131                     CORBA::NO_MEMORY (
00132                       CORBA::SystemException::_tao_minor_code (
00133                         TAO::VMCID,
00134                         ENOMEM),
00135                       CORBA::COMPLETED_NO));
00136   ACE_CHECK;
00137 
00138   PortableInterceptor::ServerRequestInterceptor_var si_interceptor =
00139     si;
00140 
00141   // Register the SSLIOP secure invocation server request interceptor
00142   // with the ORB.
00143   info->add_server_request_interceptor (si_interceptor.in ()
00144                                         ACE_ENV_ARG_PARAMETER);
00145   ACE_CHECK;
00146 
00147 //   TAO_ORBInitInfo_var tao_info =
00148 //     TAO_ORBInitInfo::_narrow (info
00149 //                               ACE_ENV_ARG_PARAMETER);
00150 //   ACE_CHECK;
00151 
00152 //   if (CORBA::is_nil (tao_info.in ()))
00153 //     ACE_THROW (CORBA::INV_OBJREF ());
00154 
00155 //   TAO_ORB_Core * orb_core = tao_info->orb_core ();
00156 
00157 //   // Create the SSLIOP IOR interceptor.
00158 //   PortableInterceptor::IORInterceptor_ptr ii =
00159 //     PortableInterceptor::IORInterceptor::_nil ();
00160 //   ACE_NEW_THROW_EX (ii,
00161 //                     TAO::SSLIOP::IORInterceptor (orb_core,
00162 //                                                  this->csiv2_target_supports_,
00163 //                                                  this->csiv2_target_requires_),
00164 //                     CORBA::NO_MEMORY (
00165 //                       CORBA::SystemException::_tao_minor_code (
00166 //                         TAO::VMCID,
00167 //                         ENOMEM),
00168 //                       CORBA::COMPLETED_NO));
00169 //   ACE_CHECK;
00170 
00171 //   PortableInterceptor::IORInterceptor_var ior_interceptor =
00172 //     ii;
00173 
00174 //   // Register the SSLIOP IORInterceptor.
00175 //   info->add_ior_interceptor (ior_interceptor.in ()
00176 //                              ACE_ENV_ARG_PARAMETER);
00177 //   ACE_CHECK;
00178 
00179   // Register the SSLIOP-specific vault with the
00180   // PrincipalAuthenticator.
00181   obj = info->resolve_initial_references ("SecurityLevel3:SecurityManager"
00182                                           ACE_ENV_ARG_PARAMETER);
00183   ACE_CHECK;
00184 
00185   SecurityLevel3::SecurityManager_var manager =
00186     SecurityLevel3::SecurityManager::_narrow (obj.in ()
00187                                               ACE_ENV_ARG_PARAMETER);
00188   ACE_CHECK;
00189 
00190   SecurityLevel3::CredentialsCurator_var curator =
00191     manager->credentials_curator (ACE_ENV_SINGLE_ARG_PARAMETER);
00192   ACE_CHECK;
00193 
00194   TAO::SL3::CredentialsCurator_var tao_curator =
00195     TAO::SL3::CredentialsCurator::_narrow (curator.in ()
00196                                            ACE_ENV_ARG_PARAMETER);
00197   ACE_CHECK;
00198 
00199   TAO::SSLIOP::CredentialsAcquirerFactory * factory;
00200   ACE_NEW_THROW_EX (factory,
00201                     TAO::SSLIOP::CredentialsAcquirerFactory,
00202                     CORBA::NO_MEMORY ());
00203   ACE_CHECK;
00204 
00205   auto_ptr<TAO::SSLIOP::CredentialsAcquirerFactory> safe_factory;
00206 
00207   tao_curator->register_acquirer_factory ("SL3TLS",
00208                                           factory
00209                                           ACE_ENV_ARG_PARAMETER);
00210   ACE_CHECK;
00211 
00212   (void) safe_factory.release ();  // CredentialsCurator now owns
00213                                    // CredentialsAcquirerFactory.
00214 }
00215 
00216 size_t
00217 TAO::SSLIOP::ORBInitializer::get_tss_slot_id (
00218   PortableInterceptor::ORBInitInfo_ptr info
00219   ACE_ENV_ARG_DECL)
00220 {
00221   // Obtain the Security Service TSS slot ID from the SecurityCurrent
00222   // object.
00223   CORBA::Object_var obj =
00224     info->resolve_initial_references ("SecurityLevel3:SecurityCurrent"
00225                                       ACE_ENV_ARG_PARAMETER);
00226   ACE_CHECK_RETURN (0);
00227 
00228   SecurityLevel3::SecurityCurrent_var current =
00229     SecurityLevel3::SecurityCurrent::_narrow (obj.in ()
00230                                               ACE_ENV_ARG_PARAMETER);
00231   ACE_CHECK_RETURN (0);
00232 
00233   TAO::SL3::SecurityCurrent * security_current =
00234     dynamic_cast<TAO::SL3::SecurityCurrent *> (current.in ());
00235 
00236   if (security_current == 0)
00237     {
00238       ACE_DEBUG ((LM_DEBUG,
00239                   "Unable to obtain TSS slot ID from "
00240                   "\"SecurityCurrent\" object.\n"));
00241 
00242       ACE_THROW_RETURN (CORBA::INTERNAL (), 0);
00243     }
00244 
00245   return security_current->tss_slot ();
00246 }
00247 
00248 TAO_END_VERSIONED_NAMESPACE_DECL