001: /*
002: * JacORB - a free Java ORB
003: *
004: * Copyright (C) 1999-2004 Gerald Brose
005: *
006: * This library is free software; you can redistribute it and/or
007: * modify it under the terms of the GNU Library General Public
008: * License as published by the Free Software Foundation; either
009: * version 2 of the License, or (at your option) any later version.
010: *
011: * This library is distributed in the hope that it will be useful,
012: * but WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * Library General Public License for more details.
015: *
016: * You should have received a copy of the GNU Library General Public
017: * License along with this library; if not, write to the Free
018: * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
019: *
020: */
021: package org.jacorb.orb.standardInterceptors;
022:
023: import org.apache.avalon.framework.configuration.*;
024: import org.apache.avalon.framework.logger.Logger;
025:
026: import org.omg.PortableInterceptor.*;
027: import org.omg.CORBA.INTERNAL;
028: import org.omg.IOP.*;
029: import org.omg.SSLIOP.*;
030:
031: import org.jacorb.orb.*;
032:
033: /**
034: * This interceptor creates an ssl TaggedComponent
035: *
036: * @author Nicolas Noffke
037: * @version $Id: SSLComponentInterceptor.java,v 1.22 2006/05/17 13:18:01 alphonse.bendt Exp $
038: */
039:
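public class SSLComponentInterceptor extends org.omg.CORBA.LocalObject
        implements IORInterceptor, Configurable {

    /*
     * SSLIOP association options (unsigned short bit flags):
     *
     *   NoProtection           =   1  (0x001)
     *   Integrity              =   2  (0x002)
     *   Confidentiality        =   4  (0x004)
     *   DetectReplay           =   8  (0x008)
     *   DetectMisordering      =  16  (0x010)
     *   EstablishTrustInTarget =  32  (0x020)
     *   EstablishTrustInClient =  64  (0x040)
     *   NoDelegation           = 128  (0x080)
     *   SimpleDelegation       = 256  (0x100)
     *   CompositeDelegation    = 512  (0x200)
     */

    private final ORB orb;
    private final Logger logger;

    // Built lazily on the first establish_components() call and then reused.
    private TaggedComponent tc = null;

    // Association option bit masks read from the configuration (hex strings).
    private short supported = 0;
    private short required = 0;

    /**
     * Creates the interceptor and reads the SSL association options from the
     * ORB's configuration.
     *
     * @param orb the ORB this interceptor belongs to
     * @throws ConfigurationException if an option value cannot be read or is
     *         not a valid hexadecimal number
     */
    public SSLComponentInterceptor(ORB orb)
            throws ConfigurationException {
        this.orb = orb;
        // NOTE(review): configure() is public and overridable and runs before
        // 'logger' is assigned, so it must not log.
        configure(orb.getConfiguration());
        logger = orb.getConfiguration().getNamedLogger(
                getClass().getName());
    }

    /**
     * Reads the supported and required association options.
     *
     * Both values are interpreted as hexadecimal strings. The defaults are
     * "20" (0x20, EstablishTrustInTarget) for the supported options and "0"
     * for the required options.
     *
     * NOTE(review): with the default of 0 the published SSL component does
     * not ask clients for any protection. This class only advertises the
     * options; whether plaintext connections are actually refused is decided
     * elsewhere and should be confirmed for deployments that must enforce SSL.
     * Nothing here checks that the required bits are a subset of the
     * supported bits.
     *
     * @param configuration the configuration to read the options from
     * @throws ConfigurationException if a value is not a valid hexadecimal
     *         short
     */
    public void configure(Configuration configuration)
            throws ConfigurationException {
        supported = readHexOptions(configuration,
                "jacorb.security.ssl.server.supported_options", "20");

        required = readHexOptions(configuration,
                "jacorb.security.ssl.server.required_options", "0");
    }

    /**
     * Reads one association-option attribute and parses it as a hex short.
     * A malformed value is reported as a ConfigurationException that names
     * the offending key instead of escaping as a bare NumberFormatException.
     */
    private static short readHexOptions(Configuration configuration,
                                        String key,
                                        String defaultValue)
            throws ConfigurationException {
        final String raw = configuration.getAttribute(key, defaultValue);
        try {
            // 16 is the base as we take the string value as hex!
            return Short.parseShort(raw, 16);
        } catch (NumberFormatException e) {
            throw new ConfigurationException(
                    "Invalid hexadecimal value \"" + raw + "\" for " + key, e);
        }
    }

    // implementation of org.omg.PortableInterceptor.IORInterceptorOperations interface

    /**
     * @return the name under which this interceptor is registered
     */
    public String name() {
        return "SSLComponentCreator";
    }

    /**
     * Nothing to release.
     */
    public void destroy() {
    }

    /**
     * Builds an ssl TaggedComponent (on first use) and adds it to the
     * TAG_INTERNET_IOP profile of the IOR being created.
     * Was formerly: ORB.makeSSLComponent()
     *
     * @param info the IOR under construction
     * @throws INTERNAL if building or adding the component fails; the
     *         original exception is logged and attached as the cause
     */
    public void establish_components(IORInfo info) {
        try {
            if (tc == null) {
                // The int port is narrowed to short; presumably this maps to
                // the IDL unsigned short, so ports above 32767 appear
                // negative in Java - confirm against the SSL struct's IDL.
                SSL ssl = new SSL(supported, required, (short) orb
                        .getBasicAdapter().getSSLPort());

                //we don't support delegation 0x80 -> NoDelegation we don't
                //care if the other side delegates, so no required options are
                //set.
                ssl.target_supports |= 0x80;

                //this is SSLs default behaviour, included for completeness
                ssl.target_supports |= 0x20; //establish trust in target

                CDROutputStream sslDataStream = new CDROutputStream(orb);
                try {
                    sslDataStream.beginEncapsulatedArray();

                    SSLHelper.write(sslDataStream, ssl);

                    tc = new TaggedComponent(
                            org.omg.SSLIOP.TAG_SSL_SEC_TRANS.value,
                            sslDataStream.getBufferCopy());
                } finally {
                    // Close the stream even when encoding fails part-way.
                    sslDataStream.close();
                }
            }

            info.add_ior_component_to_profile(tc,
                    TAG_INTERNET_IOP.value);
        } catch (Exception e) {
            logger.error("unexpected exception", e);
            // Keep the original exception as the cause so the stack trace is
            // not reduced to its toString() text.
            INTERNAL internal = new INTERNAL(e.toString());
            internal.initCause(e);
            throw internal;
        }
    }
} // SSLComponentInterceptor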