void
ServerRequestInterceptor::receive_request (
PortableInterceptor::ServerRequestInfo_ptr ri)
{
// If no response is expected, then we're invoking the oneway
// shutdown operation. Don't bother displaying output a second
// time.
CORBA::Boolean response_expected =
ri->response_expected ();
if (!response_expected)
return;
PortableServer::POA_var poa;
try
{
poa = this->poa_current_->get_POA ();
}
catch (const PortableServer::Current::NoContext& ex)
{
ex._tao_print_exception ("ServerRequestInterceptor::receive_request");
throw CORBA::INTERNAL ();
}
PortableServer::POA_var parent_poa =
poa->the_parent ();
// Make sure there is more than one POA in the POA hierarchy since
// the servant should have been registered with a child POA, not the
// RootPOA.
ACE_ASSERT (!CORBA::is_nil (parent_poa.in ()));
PortableInterceptor::AdapterName_var name =
ri->adapter_name ();
ACE_DEBUG ((LM_INFO,
"POA Hierarchy:\n"
"==============\n"));
const CORBA::ULong len = name->length ();
// Make sure there is more than one AdapterName in the AdapterName
// sequence since the servant should have been registered with a
// child POA, not the RootPOA.
ACE_ASSERT (len > 1);
for (CORBA::ULong i = 0; i < len; ++i)
{
for (CORBA::ULong j = 0; j < i; ++j)
ACE_DEBUG ((LM_INFO, "\t"));
ACE_DEBUG ((LM_INFO,
"%C\n",
static_cast<char const*>(name[i])));
}
ACE_DEBUG ((LM_INFO,
"\n"
"==============\n"));
// Make sure the name of the RootPOA is the first in the AdapterName
// sequence.
ACE_ASSERT (ACE_OS::strcmp ("RootPOA", name[(CORBA::ULong) 0]) == 0);
CORBA::String_var orb_id = ri->orb_id ();
ACE_ASSERT (ACE_OS::strcmp (this->orb_id_.in (), orb_id.in ()) == 0);
CORBA::String_var server_id = ri->server_id ();
ACE_ASSERT (ACE_OS::strcmp (server_id.in (), "ORT_test_server") == 0);
}
void
TAO::SSLIOP::Server_Invocation_Interceptor::receive_request (
PortableInterceptor::ServerRequestInfo_ptr ri )
{
SecurityLevel2::AccessDecision_var ad_tmp =
this->sec2manager_->access_decision ();
TAO::SL2::AccessDecision_var ad =
TAO::SL2::AccessDecision::_narrow (ad_tmp.in ());
CORBA::Boolean const no_ssl =
this->ssliop_current_->no_context ();
if (TAO_debug_level >= 3)
ORBSVCS_DEBUG ((LM_DEBUG, "SSLIOP (%P|%t) Interceptor (context), ssl=%d\n", !(no_ssl)));
// if
// (1) no SSL session state is available (which means that the
// invocation is received across a non-SSL transport)
// AND
// (2) the required Quality of Protection is something other
// than SecQOPNoProtection (set via -SSLNoProtection)
if (no_ssl && this->qop_ != ::Security::SecQOPNoProtection)
{
/*
* Set up all the arguments needed by the call
* to AccessDecision::access_allowed()
*/
/* Get the credentials from SSLIOP */
SecurityLevel2::CredentialsList cred_list; // initial empty?
#if 0
try {
SecurityLevel2::ReceivedCredentials_var rcvd_creds =
this->sec2_current_->received_credentials ();
// this gets the credentials received from the other side. We
// should be able to put this into a CredentialsList with no
// problem.
//
// Do I really need to implement a sec2_current, or can I hack
// the conversion at this level? I probably ought to do it as
// a real sec2_current with the conversion from sec3->sec2
// happening at a lower level.
cred_list.length(1);
cred_list[0] = rcvd_creds.in ();
/*
So, in looking for how we can do this, I find that the
SL3_SecurityCurrent::client_credentials() delegates to SL3_SecurityCurrent_Impl::client_credentials(),
which is pure virtual.
*/
}
catch (...) {
}
#endif
/* Gather the elements that uniquely identify the target object */
CORBA::ORBid_var orb_id = ri->orb_id ();
CORBA::OctetSeq_var adapter_id = ri->adapter_id ();
CORBA::OctetSeq_var object_id = ri->object_id ();
CORBA::String_var operation_name = ri->operation ();
CORBA::Boolean it_should_happen = false;
it_should_happen = ad->access_allowed_ex (orb_id.in (),
adapter_id.in (),
object_id.in (),
cred_list,
operation_name.in());
if (TAO_debug_level >= 3)
{
ORBSVCS_DEBUG ((LM_DEBUG,
"TAO (%P|%t) SL2::access_allowed_ex returned %s\n",
it_should_happen ? "true" : "false"));
}
if (! it_should_happen)
throw CORBA::NO_PERMISSION ();
}
}
