Package com.sun.enterprise.iiop.security
Class SecurityMechanismSelector
- java.lang.Object
-
- com.sun.enterprise.iiop.security.SecurityMechanismSelector
-
- All Implemented Interfaces:
org.glassfish.hk2.api.PostConstruct
@Service @Singleton public final class SecurityMechanismSelector extends Object implements org.glassfish.hk2.api.PostConstruct
This class is responsible for making various decisions for selecting security information to be sent in the IIOP message based on target configuration and client policies. Note: This class can be called concurrently by multiple client threads. However, none of its methods need to be synchronized because the methods either do not modify state or are idempotent.
- Author:
- Nithya Subramanian
-
-
Field Summary
Fields (modifier and type, field):
- static String CLIENT_CONNECTION_CONTEXT
-
Constructor Summary
Constructors (constructor: description):
- SecurityMechanismSelector(): Read the client and server preferences from the config files.
-
Method Summary
Methods (modifier and type, method: description):
- SecurityContext evaluateTrust(SecurityContext securityContext, byte[] objectId, Socket socket): Called by the target to interpret client credentials after validation.
- ConnectionContext getClientConnectionContext()
- CSIV2TaggedComponentInfo getCtc()
- org.omg.CORBA.ORB getOrb()
- SecurityContext getSecurityContextForAppClient(ComponentInvocation ci, boolean sslUsed, boolean clientAuthOccurred, com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMech mechanism): Create the security context to be used by the CSIV2 layer to marshal in the service context of the IIOP message from an appclient or standalone client.
- SecurityContext getSecurityContextForWebOrEJB(ComponentInvocation ci, boolean sslUsed, boolean clientAuthOccurred, com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMech mechanism): Create the security context to be used by the CSIV2 layer to marshal in the service context of the IIOP message from a web component or EJB invoking another EJB.
- static String getSecurityMechanismString(CSIV2TaggedComponentInfo tCI, com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMech[] list, String name)
- String getSecurityMechanismString(CSIV2TaggedComponentInfo tCI, com.sun.corba.ee.spi.ior.IOR ior)
- com.sun.corba.ee.spi.transport.SocketInfo getSSLPort(com.sun.corba.ee.spi.ior.IOR ior, ConnectionContext ctx): This method determines if SSL should be used to connect to the target based on client and target policies.
- List<com.sun.corba.ee.spi.transport.SocketInfo> getSSLPorts(com.sun.corba.ee.spi.ior.IOR ior, ConnectionContext ctx)
- boolean isIdentityTypeSupported(com.sun.corba.ee.org.omg.CSIIOP.SAS_ContextSec sas)
- boolean isSslRequired()
- void postConstruct()
- SecurityContext selectSecurityContext(com.sun.corba.ee.spi.ior.IOR ior): Select the security context to be used by the CSIV2 layer based on whether the current component is an application client or a web/EJB component.
- com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMech selectSecurityMechanism(com.sun.corba.ee.spi.ior.IOR ior)
- void setClientConnectionContext(ConnectionContext scc)
- void setOrb(org.omg.CORBA.ORB val)
- static boolean traceIORs()
-
-
-
Field Detail
-
CLIENT_CONNECTION_CONTEXT
public static final String CLIENT_CONNECTION_CONTEXT
- See Also:
- Constant Field Values
-
-
Method Detail
-
postConstruct
public void postConstruct()
- Specified by:
postConstruct in interface org.glassfish.hk2.api.PostConstruct
-
getClientConnectionContext
public ConnectionContext getClientConnectionContext()
-
setClientConnectionContext
public void setClientConnectionContext(ConnectionContext scc)
-
getSSLPort
public com.sun.corba.ee.spi.transport.SocketInfo getSSLPort(com.sun.corba.ee.spi.ior.IOR ior, ConnectionContext ctx)
This method determines if SSL should be used to connect to the target based on client and target policies. It will return null if SSL should not be used, or a SocketInfo containing the SSL port if SSL should be used.
-
getOrb
public org.omg.CORBA.ORB getOrb()
-
setOrb
public void setOrb(org.omg.CORBA.ORB val)
-
getCtc
public CSIV2TaggedComponentInfo getCtc()
-
getSSLPorts
public List<com.sun.corba.ee.spi.transport.SocketInfo> getSSLPorts(com.sun.corba.ee.spi.ior.IOR ior, ConnectionContext ctx)
-
selectSecurityContext
public SecurityContext selectSecurityContext(com.sun.corba.ee.spi.ior.IOR ior) throws InvalidIdentityTokenException, InvalidMechanismException, SecurityMechanismException
Select the security context to be used by the CSIV2 layer based on whether the current component is an application client or a web/EJB component.
-
getSecurityContextForAppClient
public SecurityContext getSecurityContextForAppClient(ComponentInvocation ci, boolean sslUsed, boolean clientAuthOccurred, com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMech mechanism) throws InvalidMechanismException, InvalidIdentityTokenException, SecurityMechanismException
Create the security context to be used by the CSIV2 layer to marshal in the service context of the IIOP message from an appclient or standalone client.
- Returns:
- the security context.
- Throws:
InvalidMechanismException
InvalidIdentityTokenException
SecurityMechanismException
-
getSecurityContextForWebOrEJB
public SecurityContext getSecurityContextForWebOrEJB(ComponentInvocation ci, boolean sslUsed, boolean clientAuthOccurred, com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMech mechanism) throws InvalidMechanismException, InvalidIdentityTokenException, SecurityMechanismException
Create the security context to be used by the CSIV2 layer to marshal in the service context of the IIOP message from a web component or EJB invoking another EJB.
- Returns:
- the security context.
- Throws:
InvalidMechanismException
InvalidIdentityTokenException
SecurityMechanismException
-
isIdentityTypeSupported
public boolean isIdentityTypeSupported(com.sun.corba.ee.org.omg.CSIIOP.SAS_ContextSec sas)
-
selectSecurityMechanism
public com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMech selectSecurityMechanism(com.sun.corba.ee.spi.ior.IOR ior) throws SecurityMechanismException
- Throws:
SecurityMechanismException
-
evaluateTrust
public SecurityContext evaluateTrust(SecurityContext securityContext, byte[] objectId, Socket socket) throws SecurityMechanismException
Called by the target to interpret client credentials after validation.
- Throws:
SecurityMechanismException
-
isSslRequired
public boolean isSslRequired()
-
traceIORs
public static boolean traceIORs()
-
getSecurityMechanismString
public String getSecurityMechanismString(CSIV2TaggedComponentInfo tCI, com.sun.corba.ee.spi.ior.IOR ior)
-
getSecurityMechanismString
public static String getSecurityMechanismString(CSIV2TaggedComponentInfo tCI, com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMech[] list, String name)
-
-