Package com.sun.enterprise.iiop.security
Class SecurityContextUtil
- java.lang.Object
-
- com.sun.enterprise.iiop.security.SecurityContextUtil
-
- All Implemented Interfaces:
org.glassfish.hk2.api.PostConstruct
@Service @Singleton public class SecurityContextUtil extends Object implements org.glassfish.hk2.api.PostConstruct
This class provides has the helper methods to deal with the SecurityContext. This represents the SecurityServiceImpl of V2- Author:
- Nithya Subramanian
-
-
Field Summary
Fields Modifier and Type Field Description static int
STATUS_FAILED
static int
STATUS_PASSED
static int
STATUS_RETRY
-
Constructor Summary
Constructors Constructor Description SecurityContextUtil()
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description SecurityContext
getSecurityContext(org.omg.CORBA.Object effectiveTarget)
This is called by the CSIv2 interceptor on the client before sending the IIOP message.void
postConstruct()
static void
receivedReply(int reply_status, org.omg.CORBA.Object effective_target)
This is called by the CSIv2 interceptor on the client after a reply is received.void
sendingReply(SecurityContext context)
This is called by the CSIv2 interceptor on the server before sending the reply.int
setSecurityContext(SecurityContext context, byte[] objectId, String method, Socket socket)
This is called by the CSIv2 interceptor on the server after receiving the IIOP message.static void
unsetSecurityContext(boolean isLocal)
This is called on the server to unset the security context this is introduced to prevent the re-use of the thread security context on re-use of the thread.
-
-
-
Field Detail
-
STATUS_PASSED
public static final int STATUS_PASSED
- See Also:
- Constant Field Values
-
STATUS_FAILED
public static final int STATUS_FAILED
- See Also:
- Constant Field Values
-
STATUS_RETRY
public static final int STATUS_RETRY
- See Also:
- Constant Field Values
-
-
Method Detail
-
postConstruct
public void postConstruct()
- Specified by:
postConstruct
in interfaceorg.glassfish.hk2.api.PostConstruct
-
getSecurityContext
public SecurityContext getSecurityContext(org.omg.CORBA.Object effectiveTarget) throws InvalidMechanismException, InvalidIdentityTokenException
This is called by the CSIv2 interceptor on the client before sending the IIOP message.- Parameters:
the
- effective_target field of the PortableInterceptor ClientRequestInfo object.- Returns:
- a SecurityContext which is marshalled into the IIOP msg by the CSIv2 interceptor.
- Throws:
InvalidMechanismException
InvalidIdentityTokenException
-
receivedReply
public static void receivedReply(int reply_status, org.omg.CORBA.Object effective_target)
This is called by the CSIv2 interceptor on the client after a reply is received.- Parameters:
the
- reply status from the call. The reply status field could indicate an authentication retry. The following is the mapping of PI status to the reply_status field PortableInterceptor::SUCCESSFUL -> STATUS_PASSED PortableInterceptor::SYSTEM_EXCEPTION -> STATUS_FAILED PortableInterceptor::USER_EXCEPTION -> STATUS_PASSED PortableInterceptor::LOCATION_FORWARD -> STATUS_RETRY PortableInterceptor::TRANSPORT_RETRY -> STATUS_RETRYthe
- effective_target field of the PI ClientRequestInfo object.
-
setSecurityContext
public int setSecurityContext(SecurityContext context, byte[] objectId, String method, Socket socket)
This is called by the CSIv2 interceptor on the server after receiving the IIOP message. If authentication fails a FAILED status is returned. If a FAILED status is returned the CSIV2 Intercepter will marshal the MessageError service context and throw the NO_PERMISSION exception.- Parameters:
the
- SecurityContext which arrived in the IIOP message.- Returns:
- the status
-
sendingReply
public void sendingReply(SecurityContext context)
This is called by the CSIv2 interceptor on the server before sending the reply.- Parameters:
the
- SecurityContext which arrived in the IIOP message.
-
unsetSecurityContext
public static void unsetSecurityContext(boolean isLocal)
This is called on the server to unset the security context this is introduced to prevent the re-use of the thread security context on re-use of the thread.
-
-