TAO_SSLIOP: SSLIOP_ORBInitializer.cpp Source File

00001 #include "orbsvcs/SSLIOP/SSLIOP_ORBInitializer.h"
00002 
00003 
00004 ACE_RCSID (SSLIOP,
00005            SSLIOP_ORBInitializer,
00006            "$Id: SSLIOP_ORBInitializer.cpp 78854 2007-07-12 17:10:11Z mesnier_p $")
00007 
00008 
00009 #include "orbsvcs/SSLIOP/SSLIOP_Current.h"
00010 #include "orbsvcs/SSLIOP/SSLIOP_Invocation_Interceptor.h"
00011 //#include "SSLIOP_IORInterceptor.h"
00012 #include "orbsvcs/SSLIOP/SSLIOP_CredentialsAcquirerFactory.h"
00013 
00014 #include "orbsvcs/Security/SL3_SecurityCurrent.h"
00015 #include "orbsvcs/Security/SL3_CredentialsCurator.h"
00016 
00017 #include "orbsvcs/SSLIOPC.h"
00018 #include "orbsvcs/CSIIOPC.h"
00019 
00020 #include "tao/Exception.h"
00021 #include "tao/PI/ORBInitInfo.h"
00022 #include "tao/debug.h"
00023 
00024 #include "ace/Auto_Ptr.h"
00025 
00026 
00027 TAO_BEGIN_VERSIONED_NAMESPACE_DECL
00028 
00029 TAO::SSLIOP::ORBInitializer::ORBInitializer (
00030   ::Security::QOP qop,
00031   CSIIOP::AssociationOptions csiv2_target_supports,
00032   CSIIOP::AssociationOptions csiv2_target_requires)
00033   : qop_ (qop),
00034     csiv2_target_supports_ (csiv2_target_supports),
00035     csiv2_target_requires_ (csiv2_target_requires)
00036 {
00037 }
00038 
00039 void
00040 TAO::SSLIOP::ORBInitializer::pre_init (
00041     PortableInterceptor::ORBInitInfo_ptr info)
00042 {
00043   TAO_ORBInitInfo_var tao_info = TAO_ORBInitInfo::_narrow (info);
00044 
00045   if (CORBA::is_nil (tao_info.in ()))
00046     throw CORBA::INV_OBJREF ();
00047 
00048   // SSLIOP doesn't use the ORB Core until a request invocation occurs
00049   // so there is no problem in retrieving the ORB Core pointer in this
00050   // pre_init() method.
00051   TAO_ORB_Core *orb_core = tao_info->orb_core ();
00052 
00053   // Create the SSLIOP::Current object.
00054   // Note that a new SSLIOP::Current object is created for each ORB.
00055   // It wouldn't be very useful to share security context information
00056   // with another ORB that isn't configured with security, for
00057   // example.
00058   SSLIOP::Current_ptr current;
00059   ACE_NEW_THROW_EX (current,
00060                     TAO::SSLIOP::Current (orb_core),
00061                     CORBA::NO_MEMORY (
00062                       CORBA::SystemException::_tao_minor_code (
00063                         TAO::VMCID,
00064                         ENOMEM),
00065                       CORBA::COMPLETED_NO));
00066 
00067   SSLIOP::Current_var ssliop_current = current;
00068 
00069   // Register the SSLIOP::Current object reference with the ORB.
00070   info->register_initial_reference ("SSLIOPCurrent", ssliop_current.in ());
00071 }
00072 
00073 void
00074 TAO::SSLIOP::ORBInitializer::post_init (
00075     PortableInterceptor::ORBInitInfo_ptr info)
00076 {
00077   // Note we do not store the SSLIOP::Current as a class member since
00078   // we need to avoid potential problems where the same
00079   // SSLIOP::Current object is shared between ORBs.  Each ORB should
00080   // have its own unique SSLIOP::Current object.  By obtaining the
00081   // SSLIOP::Current object from the resolve_initial_references()
00082   // mechanism, we are guaranteed that the SSLIOP::Current object is
00083   // specific to the ORB being initialized since a new SSLIOP::Current
00084   // object is registered for each ORB in this ORBInitializer's
00085   // pre_init() method.
00086 
00087   // Create the SSLIOP secure invocation server request interceptor.
00088   PortableInterceptor::ServerRequestInterceptor_ptr si =
00089     PortableInterceptor::ServerRequestInterceptor::_nil ();
00090   ACE_NEW_THROW_EX (si,
00091                     TAO::SSLIOP::Server_Invocation_Interceptor
00092                       (info,
00093                        this->qop_,
00094                        this->get_tss_slot_id (info)),
00095                     CORBA::NO_MEMORY (
00096                       CORBA::SystemException::_tao_minor_code (
00097                         TAO::VMCID,
00098                         ENOMEM),
00099                       CORBA::COMPLETED_NO));
00100 
00101   PortableInterceptor::ServerRequestInterceptor_var si_interceptor =
00102     si;
00103 
00104   // Register the SSLIOP secure invocation server request interceptor
00105   // with the ORB.
00106   info->add_server_request_interceptor (si_interceptor.in ());
00107 
00108 //   TAO_ORBInitInfo_var tao_info =
00109 //     TAO_ORBInitInfo::_narrow (info
00110 //);
00111 
00112 //   if (CORBA::is_nil (tao_info.in ()))
00113 //     ACE_THROW (CORBA::INV_OBJREF ());
00114 
00115 //   TAO_ORB_Core * orb_core = tao_info->orb_core ();
00116 
00117 //   // Create the SSLIOP IOR interceptor.
00118 //   PortableInterceptor::IORInterceptor_ptr ii =
00119 //     PortableInterceptor::IORInterceptor::_nil ();
00120 //   ACE_NEW_THROW_EX (ii,
00121 //                     TAO::SSLIOP::IORInterceptor (orb_core,
00122 //                                                  this->csiv2_target_supports_,
00123 //                                                  this->csiv2_target_requires_),
00124 //                     CORBA::NO_MEMORY (
00125 //                       CORBA::SystemException::_tao_minor_code (
00126 //                         TAO::VMCID,
00127 //                         ENOMEM),
00128 //                       CORBA::COMPLETED_NO));
00129 
00130 //   PortableInterceptor::IORInterceptor_var ior_interceptor =
00131 //     ii;
00132 
00133 //   // Register the SSLIOP IORInterceptor.
00134 //   info->add_ior_interceptor (ior_interceptor.in ()
00135 //);
00136 
00137   // Register the SSLIOP-specific vault with the
00138   // PrincipalAuthenticator.
00139   CORBA::Object_var obj =
00140     info->resolve_initial_references ("SecurityLevel3:SecurityManager");
00141 
00142   SecurityLevel3::SecurityManager_var manager =
00143     SecurityLevel3::SecurityManager::_narrow (obj.in ());
00144 
00145   SecurityLevel3::CredentialsCurator_var curator =
00146     manager->credentials_curator ();
00147 
00148   TAO::SL3::CredentialsCurator_var tao_curator =
00149     TAO::SL3::CredentialsCurator::_narrow (curator.in ());
00150 
00151   TAO::SSLIOP::CredentialsAcquirerFactory * factory;
00152   ACE_NEW_THROW_EX (factory,
00153                     TAO::SSLIOP::CredentialsAcquirerFactory,
00154                     CORBA::NO_MEMORY ());
00155 
00156   auto_ptr<TAO::SSLIOP::CredentialsAcquirerFactory> safe_factory;
00157 
00158   tao_curator->register_acquirer_factory ("SL3TLS", factory);
00159 
00160   (void) safe_factory.release ();  // CredentialsCurator now owns
00161                                    // CredentialsAcquirerFactory.
00162 }
00163 
00164 size_t
00165 TAO::SSLIOP::ORBInitializer::get_tss_slot_id (
00166   PortableInterceptor::ORBInitInfo_ptr info)
00167 {
00168   // Obtain the Security Service TSS slot ID from the SecurityCurrent
00169   // object.
00170   CORBA::Object_var obj =
00171     info->resolve_initial_references ("SecurityLevel3:SecurityCurrent");
00172 
00173   SecurityLevel3::SecurityCurrent_var current =
00174     SecurityLevel3::SecurityCurrent::_narrow (obj.in ());
00175 
00176   TAO::SL3::SecurityCurrent * security_current =
00177     dynamic_cast<TAO::SL3::SecurityCurrent *> (current.in ());
00178 
00179   if (security_current == 0)
00180     {
00181       ACE_DEBUG ((LM_DEBUG,
00182                   "Unable to obtain TSS slot ID from "
00183                   "\"SecurityCurrent\" object.\n"));
00184 
00185       throw CORBA::INTERNAL ();
00186     }
00187 
00188   return security_current->tss_slot ();
00189 }
00190 
00191 TAO_END_VERSIONED_NAMESPACE_DECL