/** * <p> * Create a {@code org.omg.CSIIOP.CompoundSecMechanisms} which is a sequence of {@code CompoundSecMech}. Here we only * support one security mechanism. * </p> * * @param metadata the metadata object that contains the CSIv2 security configuration info. * @param codec the {@code Codec} used to encode the CSIv2 security component. * @param sslPort an {@code int} representing the SSL port. * @param orb a reference to the running {@code ORB}. * @return the constructed {@code CompoundSecMech} array. */ public static CompoundSecMech[] createCompoundSecMechanisms(IORSecurityConfigMetaData metadata, Codec codec, int sslPort, ORB orb) { // support just 1 security mechanism for now (and ever). CompoundSecMech[] csmList = new CompoundSecMech[1]; // a CompoundSecMech contains: target_requires, transport_mech, as_context_mech, sas_context_mech. TaggedComponent transport_mech = createTransportMech(metadata.getTransportConfig(), codec, sslPort, orb); // create AS Context. AS_ContextSec asContext = createAuthenticationServiceContext(metadata); // create SAS Context. SAS_ContextSec sasContext = createSecureAttributeServiceContext(metadata); // create target_requires bit field (AssociationOption) can't read directly the transport_mech TaggedComponent. int target_requires = createTargetRequires(metadata.getTransportConfig()) | asContext.target_requires | sasContext.target_requires; CompoundSecMech csm = new CompoundSecMech((short) target_requires, transport_mech, asContext, sasContext); csmList[0] = csm; return csmList; }
byte[] targetName = {}; IORASContextMetaData asMeta = metadata.getAsContext();
IORSASContextMetaData sasMeta = metadata.getSasContext();
private IORSecurityConfigMetaData createIORSecurityConfigMetaData(final OperationContext context, final ModelNode resourceModel, final boolean sslConfigured, final boolean serverRequiresSsl) throws OperationFailedException { final IORSecurityConfigMetaData securityConfigMetaData = new IORSecurityConfigMetaData(); securityConfigMetaData.setSasContext(sasContextMetaData); securityConfigMetaData.setAsContext(asContextMetaData); transportConfigMetaData.setDetectReplay(Constants.IOR_SUPPORTED); securityConfigMetaData.setTransportConfig(transportConfigMetaData); return securityConfigMetaData;
/** * Create a new IorSecurityConfigMetaData. * * @param securityConfigMetaData the security config */ IorSecurityConfigMetaData(IORSecurityConfigMetaData securityConfigMetaData) { if (securityConfigMetaData == null) throw new IllegalArgumentException("Null security config metadata"); transportConfig = new TransportConfig(securityConfigMetaData.getTransportConfig()); asContext = new AsContext(securityConfigMetaData.getAsContext()); sasContext = new SasContext(securityConfigMetaData.getSasContext()); }
/** * <p> * Creates an instance of {@code CSIv2IORInterceptor} with the specified codec. * </p> * * @param codec the {@code Codec} used to encode the IOR security components. */ public CSIv2IORInterceptor(Codec codec) { String sslPortString = CorbaORBService.getORBProperty(Constants.ORB_SSL_PORT); int sslPort = sslPortString == null ? 0 : Integer.parseInt(sslPortString); try { SSL ssl = new SSL((short) MIN_SSL_OPTIONS, (short) 0, /* required options */ (short) sslPort); ORB orb = ORB.init(); Any any = orb.create_any(); SSLHelper.insert(any, ssl); byte[] componentData = codec.encode_value(any); defaultSSLComponent = new TaggedComponent(TAG_SSL_SEC_TRANS.value, componentData); IORSecurityConfigMetaData iorSecurityConfigMetaData = IORSecConfigMetaDataService.getCurrent(); if (iorSecurityConfigMetaData == null) iorSecurityConfigMetaData = new IORSecurityConfigMetaData(); defaultCSIComponent = CSIv2Util.createSecurityTaggedComponent(iorSecurityConfigMetaData, codec, sslPort, orb); } catch (InvalidTypeForEncoding e) { throw IIOPLogger.ROOT_LOGGER.unexpectedException(e); } }
/** * Create a new IorSecurityConfigMetaData. * * @param securityConfigMetaData the security config */ IorSecurityConfigMetaData(IORSecurityConfigMetaData securityConfigMetaData) { if (securityConfigMetaData == null) throw new IllegalArgumentException("Null security config metadata"); transportConfig = new TransportConfig(securityConfigMetaData.getTransportConfig()); asContext = new AsContext(securityConfigMetaData.getAsContext()); sasContext = new SasContext(securityConfigMetaData.getSasContext()); }
private IORSecurityConfigMetaData createIORSecurityConfigMetaData(final OperationContext context, final ModelNode resourceModel, final boolean sslConfigured, final boolean serverRequiresSsl) throws OperationFailedException { final IORSecurityConfigMetaData securityConfigMetaData = new IORSecurityConfigMetaData(); securityConfigMetaData.setSasContext(sasContextMetaData); securityConfigMetaData.setAsContext(asContextMetaData); transportConfigMetaData.setDetectReplay(Constants.IOR_SUPPORTED); securityConfigMetaData.setTransportConfig(transportConfigMetaData); return securityConfigMetaData;
/** * <p> * Creates an instance of {@code CSIv2IORInterceptor} with the specified codec. * </p> * * @param codec the {@code Codec} used to encode the IOR security components. */ public CSIv2IORInterceptor(Codec codec) { String sslPortString = CorbaORBService.getORBProperty(Constants.ORB_SSL_PORT); int sslPort = sslPortString == null ? 0 : Integer.parseInt(sslPortString); try { SSL ssl = new SSL((short) 0, (short) MIN_SSL_OPTIONS, /* required options */ (short) sslPort); ORB orb = ORB.init(); Any any = orb.create_any(); SSLHelper.insert(any, ssl); byte[] componentData = codec.encode_value(any); defaultSSLComponent = new TaggedComponent(TAG_SSL_SEC_TRANS.value, componentData); IORSecurityConfigMetaData iorSecurityConfigMetaData = IORSecConfigMetaDataService.getCurrent(); if (iorSecurityConfigMetaData == null) iorSecurityConfigMetaData = new IORSecurityConfigMetaData(); defaultCSIComponent = CSIv2Util.createSecurityTaggedComponent(iorSecurityConfigMetaData, codec, sslPort, orb); } catch (InvalidTypeForEncoding e) { throw IIOPLogger.ROOT_LOGGER.unexpectedException(e); } }
int supports = createTargetSupports(metadata.getTransportConfig()); int requires = createTargetRequires(metadata.getTransportConfig()); SSL ssl = new SSL((short) supports, (short) requires, (short) sslPort); Any any = orb.create_any();
private IORSecurityConfigMetaData createIORSecurityConfigMetaData(final OperationContext context, final ModelNode resourceModel, final boolean sslConfigured, final boolean serverRequiresSsl) throws OperationFailedException { final IORSecurityConfigMetaData securityConfigMetaData = new IORSecurityConfigMetaData(); securityConfigMetaData.setSasContext(sasContextMetaData); securityConfigMetaData.setAsContext(asContextMetaData); transportConfigMetaData.setDetectReplay(Constants.IOR_SUPPORTED); securityConfigMetaData.setTransportConfig(transportConfigMetaData); return securityConfigMetaData;
IORSASContextMetaData sasMeta = metadata.getSasContext();
byte[] targetName = {}; IORASContextMetaData asMeta = metadata.getAsContext();
/** * <p> * Creates an instance of {@code CSIv2IORInterceptor} with the specified codec. * </p> * * @param codec the {@code Codec} used to encode the IOR security components. */ public CSIv2IORInterceptor(Codec codec) { String sslPortString = CorbaORBService.getORBProperty(Constants.ORB_SSL_PORT); int sslPort = sslPortString == null ? 0 : Integer.parseInt(sslPortString); try { SSL ssl = new SSL((short) 0, (short) MIN_SSL_OPTIONS, /* required options */ (short) sslPort); ORB orb = ORB.init(); Any any = orb.create_any(); SSLHelper.insert(any, ssl); byte[] componentData = codec.encode_value(any); defaultSSLComponent = new TaggedComponent(TAG_SSL_SEC_TRANS.value, componentData); IORSecurityConfigMetaData iorSecurityConfigMetaData = IORSecConfigMetaDataService.getCurrent(); if (iorSecurityConfigMetaData == null) iorSecurityConfigMetaData = new IORSecurityConfigMetaData(); defaultCSIComponent = CSIv2Util.createSecurityTaggedComponent(iorSecurityConfigMetaData, codec, sslPort, orb); } catch (InvalidTypeForEncoding e) { throw IIOPLogger.ROOT_LOGGER.unexpectedException(e); } }
if (iorSecurityConfigMetaData != null && iorSecurityConfigMetaData.getTransportConfig() != null) { IORTransportConfigMetaData tc = iorSecurityConfigMetaData.getTransportConfig(); sslRequired = IORTransportConfigMetaData.INTEGRITY_REQUIRED.equals(tc.getIntegrity()) || IORTransportConfigMetaData.CONFIDENTIALITY_REQUIRED.equals(tc.getConfidentiality())
IORSASContextMetaData sasMeta = metadata.getSasContext();
byte[] targetName = {}; IORASContextMetaData asMeta = metadata.getAsContext();
/** * <p> * Create a {@code org.omg.CSIIOP.CompoundSecMechanisms} which is a sequence of {@code CompoundSecMech}. Here we only * support one security mechanism. * </p> * * @param metadata the metadata object that contains the CSIv2 security configuration info. * @param codec the {@code Codec} used to encode the CSIv2 security component. * @param sslPort an {@code int} representing the SSL port. * @param orb a reference to the running {@code ORB}. * @return the constructed {@code CompoundSecMech} array. */ public static CompoundSecMech[] createCompoundSecMechanisms(IORSecurityConfigMetaData metadata, Codec codec, int sslPort, ORB orb) { // support just 1 security mechanism for now (and ever). CompoundSecMech[] csmList = new CompoundSecMech[1]; // a CompoundSecMech contains: target_requires, transport_mech, as_context_mech, sas_context_mech. TaggedComponent transport_mech = createTransportMech(metadata.getTransportConfig(), codec, sslPort, orb); // create AS Context. AS_ContextSec asContext = createAuthenticationServiceContext(metadata); // create SAS Context. SAS_ContextSec sasContext = createSecureAttributeServiceContext(metadata); // create target_requires bit field (AssociationOption) can't read directly the transport_mech TaggedComponent. int target_requires = createTargetRequires(metadata.getTransportConfig()) | asContext.target_requires | sasContext.target_requires; CompoundSecMech csm = new CompoundSecMech((short) target_requires, transport_mech, asContext, sasContext); csmList[0] = csm; return csmList; }
/** * <p> * Create a {@code org.omg.CSIIOP.CompoundSecMechanisms} which is a sequence of {@code CompoundSecMech}. Here we only * support one security mechanism. * </p> * * @param metadata the metadata object that contains the CSIv2 security configuration info. * @param codec the {@code Codec} used to encode the CSIv2 security component. * @param sslPort an {@code int} representing the SSL port. * @param orb a reference to the running {@code ORB}. * @return the constructed {@code CompoundSecMech} array. */ public static CompoundSecMech[] createCompoundSecMechanisms(IORSecurityConfigMetaData metadata, Codec codec, int sslPort, ORB orb) { // support just 1 security mechanism for now (and ever). CompoundSecMech[] csmList = new CompoundSecMech[1]; // a CompoundSecMech contains: target_requires, transport_mech, as_context_mech, sas_context_mech. TaggedComponent transport_mech = createTransportMech(metadata.getTransportConfig(), codec, sslPort, orb); // create AS Context. AS_ContextSec asContext = createAuthenticationServiceContext(metadata); // create SAS Context. SAS_ContextSec sasContext = createSecureAttributeServiceContext(metadata); // create target_requires bit field (AssociationOption) can't read directly the transport_mech TaggedComponent. int target_requires = createTargetRequires(metadata.getTransportConfig()) | asContext.target_requires | sasContext.target_requires; CompoundSecMech csm = new CompoundSecMech((short) target_requires, transport_mech, asContext, sasContext); csmList[0] = csm; return csmList; }
int supports = createTargetSupports(metadata.getTransportConfig()); int requires = createTargetRequires(metadata.getTransportConfig()); SSL ssl = new SSL((short) supports, (short) requires, (short) sslPort); Any any = orb.create_any();