use of com.sun.corba.ee.org.omg.CSI.EstablishContext in project Payara by payara.
the class Counter method receive_request.
/**
 * Server-side interceptor hook that processes the SAS (security attribute service) context
 * element carried by an incoming request and establishes the caller's security context.
 *
 * <p>Flow, as visible in this body:
 * <ol>
 * <li>Look up the service context registered under {@code SECURITY_ATTRIBUTE_SERVICE_ID}. If it
 * is absent (null result or {@code BAD_PARAM}), delegate to
 * {@code handle_null_service_context} and return.</li>
 * <li>CDR-decode the context data into a {@code SASContextBody}.</li>
 * <li>Reject a {@code MessageInContext} message with a ContextError reply and
 * {@code NO_PERMISSION}; reject any other non-EstablishContext message with a
 * {@code SecurityException}.</li>
 * <li>Build a {@code SecurityContext} from the client authentication token and the identity
 * token of the EstablishContext message.</li>
 * <li>Call {@code secContextUtil.setSecurityContext}; on {@code STATUS_FAILED} reply with a
 * ContextError and throw {@code NO_PERMISSION}, otherwise add a CompleteEstablishContext
 * message to the reply.</li>
 * </ol>
 *
 * <p>Every rejection path adds its reply service context <em>before</em> throwing, so the order
 * of those two statements must be preserved.
 *
 * @param serverRequestInfo the request being intercepted; read for its service context, object
 *        id and operation, and written to via {@code add_reply_service_context}
 * @throws ForwardRequest declared by the overridden method; no statement in this body throws it
 *         directly
 * @throws SecurityException if the SAS element cannot be decoded, is not an EstablishContext
 *         message, or credential creation fails with an unexpected exception
 * @throws NO_PERMISSION if the message is a MessageInContext, the identity token is rejected,
 *         or {@code setSecurityContext} reports {@code STATUS_FAILED}
 */
@Override
public void receive_request(ServerRequestInfo serverRequestInfo) throws ForwardRequest {
// Security context built from the tokens in the incoming EstablishContext message
SecurityContext securityContext = null;
// First the incoming SAS service context, later reused for the reply service context
ServiceContext serviceContext = null;
// Status code returned by secContextUtil.setSecurityContext()
int status = 0;
if (logger.isLoggable(Level.FINE)) {
logger.log(Level.FINE, "++++ Entered " + prname + "receive_request");
}
ORB orb = orbHelper.getORB();
try {
serviceContext = serverRequestInfo.get_request_service_context(SECURITY_ATTRIBUTE_SERVICE_ID);
if (serviceContext == null) {
// No SAS element on the request: this method does not reject the call itself.
// NOTE(review): whether an unauthenticated request is admitted is decided entirely
// inside handle_null_service_context (not visible here) - confirm it enforces the
// target's security policy.
handle_null_service_context(serverRequestInfo, orb);
return;
}
} catch (BAD_PARAM e) {
// BAD_PARAM from the lookup is handled exactly like a missing SAS element.
handle_null_service_context(serverRequestInfo, orb);
return;
}
if (logger.isLoggable(FINE)) {
logger.log(FINE, "Received a non null SAS context element");
}
// Decode the service context field. context_data comes from the remote peer, so any
// decoding failure is treated as fatal for this request.
Any SasAny;
try {
SasAny = codec.decode_value(serviceContext.context_data, SASContextBodyHelper.type());
} catch (Exception e) {
// The decode exception is logged at SEVERE but not chained as the cause of the
// SecurityException thrown below; only the localized message is carried.
logger.log(SEVERE, "iiop.decode_exception", e);
throw new SecurityException(localStrings.getLocalString("secserverreqinterceptor.err_cdr_decode", "CDR Decoding error for SAS context element."));
}
if (logger.isLoggable(FINE)) {
logger.log(FINE, "Successfully decoded CDR encoded SAS context element.");
}
SASContextBody sasctxbody = SASContextBodyHelper.extract(SasAny);
// The discriminator selects which SAS message type the peer sent.
short sasdiscr = sasctxbody.discriminator();
if (logger.isLoggable(FINE)) {
logger.log(FINE, "SAS context element is a/an " + SvcContextUtils.getMsgname(sasdiscr) + " message");
}
if (sasdiscr == MTMessageInContext.value) {
// A MessageInContext is answered with a ContextError and the request is refused.
// The reply context must be added before NO_PERMISSION is thrown.
sasctxbody = createContextError(SvcContextUtils.MessageInContextMinor);
serviceContext = createSvcContext(sasctxbody, orb);
if (logger.isLoggable(FINE)) {
logger.log(FINE, "Adding ContextError message to service context list");
logger.log(FINE, "SecurityContext set to null");
}
serverRequestInfo.add_reply_service_context(serviceContext, NO_REPLACE);
throw new NO_PERMISSION();
}
if (sasdiscr != MTEstablishContext.value) {
// Any remaining message type other than EstablishContext is refused; unlike the
// branch above, no ContextError reply is added on this path.
logger.log(SEVERE, "iiop.not_establishcontext_msg");
throw new SecurityException(localStrings.getLocalString("secserverreqinterceptor.err_not_ec_msg", "Received message not an EstablishContext message."));
}
EstablishContext establishContext = sasctxbody.establish_msg();
securityContext = new SecurityContext();
// Start from an empty Subject; the two token handlers below are the only code in this
// method that can attach credentials to the security context.
securityContext.subject = new Subject();
try {
// A zero-length client authentication token is skipped, so no auth credential is
// created for it. NOTE(review): in that case admission rests on the identity token and
// on setSecurityContext() - confirm that is the intended gate.
if (establishContext.client_authentication_token.length != 0) {
if (logger.isLoggable(FINE)) {
logger.log(FINE, "Message contains Client Authentication Token");
}
createAuthCredential(securityContext, establishContext.client_authentication_token, orb);
}
} catch (Exception e) {
// Failure is logged with the exception, but the cause is not chained into the
// SecurityException. NOTE(review): the bundle key below is spelled
// "secsercverreqinterceptor", unlike the "secserverreqinterceptor" keys used elsewhere
// in this method - verify it matches the resource bundle; otherwise presumably only the
// default text is used.
logger.log(SEVERE, "iiop.authentication_exception", e);
throw new SecurityException(localStrings.getLocalString("secsercverreqinterceptor.err_cred_create", "Error while creating a JAAS subject credential."));
}
try {
if (establishContext.identity_token != null) {
if (logger.isLoggable(Level.FINE)) {
logger.log(Level.FINE, "Message contains an Identity Token");
}
createIdCred(securityContext, establishContext.identity_token);
}
} catch (SecurityException secex) {
// A SecurityException from identity-credential creation is reported to the peer as an
// invalid-mechanism ContextError, then the request is refused.
logger.log(SEVERE, "iiop.security_exception", secex);
sasctxbody = createContextError(INVALID_MECHANISM_MAJOR, INVALID_MECHANISM_MINOR);
serviceContext = createSvcContext(sasctxbody, orb);
serverRequestInfo.add_reply_service_context(serviceContext, NO_REPLACE);
throw new NO_PERMISSION();
} catch (Exception e) {
// Any other failure: logged, then surfaced as a SecurityException without the cause
// and without a ContextError reply (same bundle-key spelling as noted above).
logger.log(SEVERE, "iiop.generic_exception", e);
throw new SecurityException(localStrings.getLocalString("secsercverreqinterceptor.err_cred_create", "Error while creating a JAAS subject credential."));
}
if (logger.isLoggable(Level.FINE)) {
logger.log(Level.FINE, "Invoking setSecurityContext() to set security context");
}
// Hand the assembled context to secContextUtil together with the target object id,
// operation name and server socket; its status code decides accept vs. reject below.
status = secContextUtil.setSecurityContext(securityContext, serverRequestInfo.object_id(), serverRequestInfo.operation(), getServerSocket());
if (logger.isLoggable(Level.FINE)) {
logger.log(Level.FINE, "setSecurityContext() returned status code " + status);
}
/**
* CSIV2 SPEC NOTE:
*
* If ec.client_context_id is non zero, then this is a stateful request. As specified in section
* 4.2.1, a stateless server must attempt to validate the security tokens in the security context
* field. If validation succeeds then CompleteEstablishContext message is sent back. If validation
* fails, a ContextError must be sent back.
*/
if (status == STATUS_FAILED) {
if (logger.isLoggable(FINE)) {
logger.log(FINE, "setSecurityContext() returned STATUS_FAILED");
}
// Rejection path: ContextError is queued on the reply before NO_PERMISSION is raised.
sasctxbody = createContextError(status);
serviceContext = createSvcContext(sasctxbody, orb);
if (logger.isLoggable(FINE)) {
logger.log(FINE, "Adding ContextError message to service context list");
}
serverRequestInfo.add_reply_service_context(serviceContext, NO_REPLACE);
throw new NO_PERMISSION();
}
// Every status other than STATUS_FAILED is treated as success from here on.
if (logger.isLoggable(FINE)) {
logger.log(FINE, "setSecurityContext() returned SUCCESS");
}
sasctxbody = createCompleteEstablishContext(status);
serviceContext = createSvcContext(sasctxbody, orb);
if (logger.isLoggable(FINE)) {
logger.log(FINE, "Adding CompleteEstablisContext message to service context list");
}
serverRequestInfo.add_reply_service_context(serviceContext, NO_REPLACE);
}