001: package org.jacorb.orb.standardInterceptors;
002:
003: /*
004: * JacORB - a free Java ORB
005: *
006: * Copyright (C) 1999-2004 Gerald Brose
007: *
008: * This library is free software; you can redistribute it and/or
009: * modify it under the terms of the GNU Library General Public
010: * License as published by the Free Software Foundation; either
011: * version 2 of the License, or (at your option) any later version.
012: *
013: * This library is distributed in the hope that it will be useful,
014: * but WITHOUT ANY WARRANTY; without even the implied warranty of
015: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
016: * Library General Public License for more details.
017: *
018: * You should have received a copy of the GNU Library General Public
019: * License along with this library; if not, write to the Free
020: * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
021: *
022: */
023:
024: import org.apache.avalon.framework.logger.Logger;
025: import org.apache.avalon.framework.configuration.ConfigurationException;
026: import org.ietf.jgss.Oid;
027:
028: import org.jacorb.orb.CDROutputStream;
029: import org.jacorb.orb.ORB;
030: import org.jacorb.orb.portableInterceptor.IORInfoImpl;
031: import org.jacorb.sasPolicy.ATLASPolicy;
032: import org.jacorb.sasPolicy.ATLASPolicyValues;
033: import org.jacorb.sasPolicy.ATLAS_POLICY_TYPE;
034: import org.jacorb.sasPolicy.SASPolicy;
035: import org.jacorb.sasPolicy.SASPolicyValues;
036: import org.jacorb.sasPolicy.SAS_POLICY_TYPE;
037: import org.jacorb.security.sas.ISASContext;
038:
039: import org.omg.ATLAS.ATLASLocator;
040: import org.omg.ATLAS.ATLASProfile;
041: import org.omg.ATLAS.ATLASProfileHelper;
042: import org.omg.ATLAS.SCS_ATLAS;
043: import org.omg.CORBA.BAD_PARAM;
044: import org.omg.CSIIOP.AS_ContextSec;
045: import org.omg.CSIIOP.CompoundSecMech;
046: import org.omg.CSIIOP.CompoundSecMechList;
047: import org.omg.CSIIOP.CompoundSecMechListHelper;
048: import org.omg.CSIIOP.SAS_ContextSec;
049: import org.omg.CSIIOP.ServiceConfiguration;
050: import org.omg.CSIIOP.TAG_CSI_SEC_MECH_LIST;
051: import org.omg.CSIIOP.TAG_NULL_TAG;
052: import org.omg.IOP.Codec;
053: import org.omg.IOP.CodecFactory;
054: import org.omg.IOP.ENCODING_CDR_ENCAPS;
055: import org.omg.IOP.Encoding;
056: import org.omg.IOP.TAG_INTERNET_IOP;
057: import org.omg.IOP.TaggedComponent;
058: import org.omg.PortableInterceptor.IORInfo;
059: import org.omg.PortableInterceptor.IORInterceptor;
060: import org.omg.PortableInterceptor.ORBInitInfo;
061:
062: /**
063: * This interceptor creates a SAS TaggedComponent (TAG_CSI_SEC_MECH_LIST) and adds it to the IIOP profile of the IOR.
064: *
065: * @author David Robison
066: * @version $Id: SASComponentInterceptor.java,v 1.22 2006/07/14 12:02:41 nick.cross Exp $
067: */
068:
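public class SASComponentInterceptor extends org.omg.CORBA.LocalObject
        implements IORInterceptor {
    /** the configuration object */
    private final org.jacorb.config.Configuration config;

    /** the logger used by this implementation */
    private final Logger logger;

    private final ORB orb;

    /**
     * CDR encapsulation codec used to encode the ATLAS profile. Stays
     * {@code null} when the constructor failed to create it.
     */
    private Codec codec;

    /**
     * The TAG_CSI_SEC_MECH_LIST component, built on the first call that
     * reaches the build step and reused unchanged afterwards.
     *
     * NOTE(review): the cached bytes encode the SAS/ATLAS policy values of
     * that first call. A later call whose effective policy differs still
     * publishes the first call's targetRequires/targetSupports. Confirm that
     * every IOR handled by this interceptor instance shares one policy, or
     * rebuild the component per policy. The field is also read and written
     * without synchronization.
     */
    private TaggedComponent taggedComponent;

    /**
     * SAS context instantiated from "jacorb.security.sas.contextClass";
     * {@code null} when it could not be loaded.
     */
    private final ISASContext sasContext;

    /**
     * Resolves the ORB, its configuration and logger, creates the CDR codec
     * and loads the configured SAS context.
     *
     * A failure to create the codec or to load the SAS context is logged and
     * does not abort construction; the interceptor then adds no component
     * (missing context) or fails later when an ATLAS profile must be encoded
     * (missing codec).
     *
     * @param info ORB initialisation info; must be JacORB's ORBInitInfoImpl
     */
    public SASComponentInterceptor(ORBInitInfo info) {
        super();

        orb = ((org.jacorb.orb.portableInterceptor.ORBInitInfoImpl) info)
                .getORB();
        config = orb.getConfiguration();
        logger = config.getNamedLogger("jacorb.SAS.IOR");

        try {
            Encoding encoding = new Encoding(ENCODING_CDR_ENCAPS.value,
                    (byte) 1, (byte) 0);

            CodecFactory codec_factory = (CodecFactory) orb
                    .resolve_initial_references("CodecFactory");

            codec = codec_factory.create_codec(encoding);
        } catch (Exception e) {
            // codec stays null; buildPrivilegeAuthorities() reports that explicitly
            logger.error("Error initing SASComponentInterceptor: ", e);
        }

        sasContext = newSasContext();

        if (sasContext == null && logger.isErrorEnabled()) {
            logger.error("Could not load SAS context class: "
                    + config.getAttribute(
                            "jacorb.security.sas.contextClass", ""));
        }
    }

    /**
     * Instantiates the class named by "jacorb.security.sas.contextClass".
     *
     * @return the SAS context, or {@code null} if the configuration lookup
     *         failed
     */
    private ISASContext newSasContext() {
        try {
            return (ISASContext) config
                    .getAttributeAsObject("jacorb.security.sas.contextClass");
        } catch (ConfigurationException e) {
            // Keep the cause available for diagnosis; the constructor logs
            // the resulting null at error level.
            logger.debug("SAS context class could not be instantiated", e);
            return null;
        }
    }

    // implementation of org.omg.PortableInterceptor.IORInterceptorOperations interface

    public String name() {
        return "SASComponentCreator";
    }

    public void destroy() {
        // nothing to do
    }

    /**
     * Builds a SAS TaggedComponent and adds it to the IIOP profile.
     * Was formerly: ORB.makeSASComponent()
     *
     * Nothing is added when no SAS context was loaded, when no SAS policy is
     * in effect, or when the policy neither requires nor supports anything.
     *
     * NOTE(review): any exception while building or adding the component is
     * logged and swallowed, so the IOR is then published without a security
     * mechanism list even if the policy has targetRequires set. Confirm that
     * the target side rejects unauthenticated requests independently of what
     * the IOR advertises, and alert on the "establish_components error" log
     * entry.
     *
     * @param info the IOR under construction
     */
    public void establish_components(IORInfo info) {
        // Without a SAS context there is no principal or mechanism OID to advertise.
        if (sasContext == null) {
            return;
        }

        SASPolicyValues sasValues = fetchSasPolicyValues(info);
        if (sasValues == null) {
            return;
        }

        if (sasValues.targetRequires == 0
                && sasValues.targetSupports == 0) {
            return;
        }

        ATLASPolicyValues atlasValues = fetchAtlasPolicyValues(info);

        try {
            if (taggedComponent == null) {
                taggedComponent = buildSecMechListComponent(sasValues,
                        atlasValues);
            }

            info.add_ior_component_to_profile(taggedComponent,
                    TAG_INTERNET_IOP.value);
        } catch (Exception e) {
            logger.error("establish_components error: ", e);
        }
    }

    /**
     * Reads the effective SAS policy values for the IOR.
     *
     * @return the policy values, or {@code null} when no policy is set or
     *         the lookup failed (the failure is logged)
     */
    private SASPolicyValues fetchSasPolicyValues(IORInfo info) {
        try {
            SASPolicy policy = (SASPolicy) ((IORInfoImpl) info)
                    .get_effective_policy(SAS_POLICY_TYPE.value);
            if (policy != null) {
                return policy.value();
            }
        } catch (BAD_PARAM e) {
            logger.debug("No SAS Policy");
        } catch (Exception e) {
            logger.warn("Error fetching SAS policy", e);
        }
        return null;
    }

    /**
     * Reads the effective ATLAS policy values for the IOR.
     *
     * @return the policy values, or {@code null} when no policy is set or
     *         the lookup failed (the failure is logged)
     */
    private ATLASPolicyValues fetchAtlasPolicyValues(IORInfo info) {
        try {
            ATLASPolicy policy = (ATLASPolicy) info
                    .get_effective_policy(ATLAS_POLICY_TYPE.value);
            if (policy != null) {
                return policy.value();
            }
        } catch (BAD_PARAM e) {
            logger.debug("No ATLAS Policy");
        } catch (Exception e) {
            logger.warn("Error fetching ATLAS policy", e);
        }
        return null;
    }

    /**
     * Builds the privilege-authority list placed in the SAS_ContextSec: empty
     * without an ATLAS policy, otherwise a single SCS_ATLAS entry holding the
     * CDR-encoded ATLAS profile.
     *
     * Declared with {@code throws Exception} because the only caller handles
     * every failure in one catch block.
     */
    private ServiceConfiguration[] buildPrivilegeAuthorities(
            ATLASPolicyValues atlasValues) throws Exception {
        if (atlasValues == null) {
            return new ServiceConfiguration[0];
        }

        if (codec == null) {
            // The constructor could not create the codec; say so instead of
            // failing with a bare NullPointerException at encode().
            throw new IllegalStateException(
                    "CDR codec unavailable, cannot encode ATLAS profile");
        }

        // Default a missing cache id locally; the policy's own value object
        // is left untouched.
        String cacheId = atlasValues.atlasCache == null
                ? ""
                : atlasValues.atlasCache;

        ATLASLocator atlasLoc = new ATLASLocator();
        atlasLoc.the_url(atlasValues.atlasURL);

        ATLASProfile profile = new ATLASProfile();
        // NOTE(review): getBytes() uses the platform default charset
        profile.the_cache_id = cacheId.getBytes();
        profile.the_locator = atlasLoc;

        org.omg.CORBA.Any any = orb.create_any();
        ATLASProfileHelper.insert(any, profile);

        return new ServiceConfiguration[] {
            new ServiceConfiguration(SCS_ATLAS.value, codec.encode(any))
        };
    }

    /**
     * Assembles the CompoundSecMechList for the given policy values and
     * wraps its CDR encapsulation in a TAG_CSI_SEC_MECH_LIST component.
     *
     * Declared with {@code throws Exception} because the only caller handles
     * every failure in one catch block.
     */
    private TaggedComponent buildSecMechListComponent(
            SASPolicyValues sasValues, ATLASPolicyValues atlasValues)
            throws Exception {
        // for now, no transport mechanisms
        TaggedComponent transportMech = new TaggedComponent(
                TAG_NULL_TAG.value, new byte[0]);

        // the AS_ContextSec target name
        // NOTE(review): getBytes() uses the platform default charset, so the
        // encoded name can differ between hosts for non-ASCII principals;
        // confirm which encoding the peer expects before pinning one.
        byte[] targetName = sasContext.getClientPrincipal().getBytes();

        SAS_ContextSec sasContextSec = new SAS_ContextSec(
                (short) 0, (short) 0,
                buildPrivilegeAuthorities(atlasValues),
                new byte[0][0], 0);

        // create the security mech list; stateful defaults to true
        boolean useStateful = config.getAttributeAsBoolean(
                "jacorb.security.sas.stateful", true);

        // DER form of the authentication mechanism OID named by the context
        Oid oid = new Oid(sasContext.getMechOID());
        byte[] clientAuthenticationMech = oid.getDER();

        AS_ContextSec asContextSec = new AS_ContextSec(
                sasValues.targetSupports,
                sasValues.targetRequires,
                clientAuthenticationMech, targetName);

        CompoundSecMech[] compoundSecMech = new CompoundSecMech[] {
            new CompoundSecMech(sasValues.targetRequires, transportMech,
                    asContextSec, sasContextSec)
        };

        CompoundSecMechList compoundSecMechList = new CompoundSecMechList(
                useStateful, compoundSecMech);

        // export to tagged component
        final CDROutputStream sasDataStream = new CDROutputStream(orb);
        try {
            sasDataStream.beginEncapsulatedArray();
            CompoundSecMechListHelper.write(sasDataStream,
                    compoundSecMechList);
            return new TaggedComponent(TAG_CSI_SEC_MECH_LIST.value,
                    sasDataStream.getBufferCopy());
        } finally {
            sasDataStream.close();
        }
    }
}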