Пример #1
0
void
ServerRequestInterceptor::receive_request (
    PortableInterceptor::ServerRequestInfo_ptr ri)
{
  // If no response is expected, then we're invoking the oneway
  // shutdown operation.  Don't bother displaying output a second
  // time.
  CORBA::Boolean response_expected =
    ri->response_expected ();

  if (!response_expected)
    return;

  PortableServer::POA_var poa;

  try
    {
      poa = this->poa_current_->get_POA ();
    }
  catch (const PortableServer::Current::NoContext& ex)
    {
      ex._tao_print_exception ("ServerRequestInterceptor::receive_request");

      throw CORBA::INTERNAL ();
    }

  PortableServer::POA_var parent_poa =
    poa->the_parent ();

  // Make sure there is more than one POA in the POA hierarchy since
  // the servant should have been registered with a child POA, not the
  // RootPOA.
  ACE_ASSERT (!CORBA::is_nil (parent_poa.in ()));

  PortableInterceptor::AdapterName_var name =
    ri->adapter_name ();


  ACE_DEBUG ((LM_INFO,
              "POA Hierarchy:\n"
              "==============\n"));

  const CORBA::ULong len = name->length ();

  // Make sure there is more than one AdapterName in the AdapterName
  // sequence since the servant should have been registered with a
  // child POA, not the RootPOA.
  ACE_ASSERT (len > 1);

  for (CORBA::ULong i = 0; i < len; ++i)
    {
      for (CORBA::ULong j = 0; j < i; ++j)
        ACE_DEBUG ((LM_INFO, "\t"));

      ACE_DEBUG ((LM_INFO,
                  "%C\n",
                  static_cast<char const*>(name[i])));
    }

  ACE_DEBUG ((LM_INFO,
              "\n"
              "==============\n"));

  // Make sure the name of the RootPOA is the first in the AdapterName
  // sequence.
  ACE_ASSERT (ACE_OS::strcmp ("RootPOA", name[(CORBA::ULong) 0]) == 0);

  CORBA::String_var orb_id = ri->orb_id ();

  ACE_ASSERT (ACE_OS::strcmp (this->orb_id_.in (), orb_id.in ()) == 0);

  CORBA::String_var server_id = ri->server_id ();

  ACE_ASSERT (ACE_OS::strcmp (server_id.in (), "ORT_test_server") == 0);
}
void
TAO::SSLIOP::Server_Invocation_Interceptor::receive_request (
    PortableInterceptor::ServerRequestInfo_ptr ri )
{
  SecurityLevel2::AccessDecision_var ad_tmp =
    this->sec2manager_->access_decision ();
  TAO::SL2::AccessDecision_var ad =
    TAO::SL2::AccessDecision::_narrow (ad_tmp.in ());

  CORBA::Boolean const no_ssl =
    this->ssliop_current_->no_context ();

  if (TAO_debug_level >= 3)
    ORBSVCS_DEBUG ((LM_DEBUG, "SSLIOP (%P|%t) Interceptor (context), ssl=%d\n", !(no_ssl)));

  // if
  // (1) no SSL session state is available (which means that the
  //     invocation is received across a non-SSL transport)
  // AND
  // (2) the required Quality of Protection is something other
  //     than SecQOPNoProtection (set via -SSLNoProtection)
  if (no_ssl && this->qop_ != ::Security::SecQOPNoProtection)
    {
      /*
       * Set up all the arguments needed by the call
       * to AccessDecision::access_allowed()
       */

      /* Get the credentials from SSLIOP */
      SecurityLevel2::CredentialsList cred_list; // initial empty?
#if 0
      try {
        SecurityLevel2::ReceivedCredentials_var rcvd_creds =
          this->sec2_current_->received_credentials ();
        // this gets the credentials received from the other side.  We
        // should be able to put this into a CredentialsList with no
        // problem.
        //
        // Do I really need to implement a sec2_current, or can I hack
        // the conversion at this level?  I probably ought to do it as
        // a real sec2_current with the conversion from sec3->sec2
        // happening at a lower level.

        cred_list.length(1);
        cred_list[0] = rcvd_creds.in ();
        /*
          So, in looking for how we can do this, I find that the
          SL3_SecurityCurrent::client_credentials() delegates to SL3_SecurityCurrent_Impl::client_credentials(),
          which is pure virtual.
        */
      }
      catch (...) {
      }
#endif

      /* Gather the elements that uniquely identify the target object */
      CORBA::ORBid_var orb_id = ri->orb_id ();
      CORBA::OctetSeq_var adapter_id = ri->adapter_id ();
      CORBA::OctetSeq_var object_id = ri->object_id ();
      CORBA::String_var operation_name = ri->operation ();

      CORBA::Boolean it_should_happen = false;
      it_should_happen = ad->access_allowed_ex (orb_id.in (),
                                                adapter_id.in (),
                                                object_id.in (),
                                                cred_list,
                                                operation_name.in());
      if (TAO_debug_level >= 3)
        {
          ORBSVCS_DEBUG ((LM_DEBUG,
            "TAO (%P|%t) SL2::access_allowed_ex returned %s\n",
            it_should_happen ? "true" : "false"));
        }

      if (! it_should_happen)
        throw CORBA::NO_PERMISSION ();
    }
}