Example 1 with SSL

Use of org.omg.SSLIOP.SSL in project wildfly by wildfly.

Class CSIv2Util, method createSSLTaggedComponent.

/**
 * <p>
 * Return a top-level {@code IOP::TaggedComponent} to be stuffed into an IOR, containing a structure
 * {@code SSLIOP::SSL}, tagged as {@code TAG_SSL_SEC_TRANS}.
 * </p>
 * <p>
 * Should be called with non-null metadata. If the metadata is null, or the SSL port is 0, no transport
 * security info is included in the IOR and {@code null} is returned.
 * </p>
 *
 * @param metadata the metadata object that contains the SSL configuration info.
 * @param codec    the {@code Codec} used to encode the SSL component.
 * @param sslPort  an {@code int} representing the SSL port.
 * @param orb      a reference to the running {@code ORB}.
 * @return a {@code TaggedComponent} representing the encoded SSL component, or {@code null} if none is created.
 */
public static TaggedComponent createSSLTaggedComponent(IORSecurityConfigMetaData metadata, Codec codec, int sslPort, ORB orb) {
    if (metadata == null) {
        IIOPLogger.ROOT_LOGGER.debug("Method createSSLTaggedComponent() called with null metadata");
        return null;
    }
    if (sslPort == 0) {
        // no support for transport security.
        return null;
    }
    TaggedComponent tc;
    try {
        // Association options the target supports and requires, derived from the transport config.
        int supports = createTargetSupports(metadata.getTransportConfig());
        int requires = createTargetRequires(metadata.getTransportConfig());
        // SSLIOP::SSL.port is an IDL unsigned short carried in a signed Java short: a port above
        // 32767 is stored as a negative value, so readers must mask it with 0xFFFF.
        SSL ssl = new SSL((short) supports, (short) requires, (short) sslPort);
        // Encode the struct as a CDR encapsulation and wrap it in the tagged component.
        Any any = orb.create_any();
        SSLHelper.insert(any, ssl);
        byte[] componentData = codec.encode_value(any);
        tc = new TaggedComponent(TAG_SSL_SEC_TRANS.value, componentData);
    } catch (InvalidTypeForEncoding e) {
        throw IIOPLogger.ROOT_LOGGER.unexpectedException(e);
    }
    return tc;
}
Also used : TaggedComponent(org.omg.IOP.TaggedComponent) SSL(org.omg.SSLIOP.SSL) Any(org.omg.CORBA.Any) InvalidTypeForEncoding(org.omg.IOP.CodecPackage.InvalidTypeForEncoding)

Example 2 with SSL

Use of org.omg.SSLIOP.SSL in project wildfly by wildfly.

Class CSIV2IORToSocketInfo, method getSSL.

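private SSL getSSL(IOR ior) {
    // Look for the TAG_SSL_SEC_TRANS component in the IOR's profile.
    Iterator iter = ior.getProfile().getTaggedProfileTemplate().iteratorById(TAG_SSL_SEC_TRANS.value);
    if (!iter.hasNext()) {
        // The IOR carries no SSLIOP component. clientRequiresSsl is not consulted on this path.
        return null;
    }
    ORB orb = ior.getORB();
    TaggedComponent compList = ((com.sun.corba.se.spi.ior.TaggedComponent) iter.next()).getIOPComponent(orb);
    // component_data is a CDR encapsulation; the stream over it is created inside doPrivileged.
    CDRInputStream in = doPrivileged(new PrivilegedAction<CDRInputStream>() {

        @Override
        public CDRInputStream run() {
            return new EncapsInputStream(orb, compList.component_data, compList.component_data.length);
        }
    });
    // The first octet of the encapsulation is the byte-order flag.
    in.consumeEndian();
    SSL ssl = SSLHelper.read(in);
    // target_requires and target_supports are association-option bit masks;
    // a positive value means at least one option is set.
    boolean targetRequiresSsl = ssl.target_requires > 0;
    boolean targetSupportsSsl = ssl.target_supports > 0;
    if (!targetSupportsSsl && clientRequiresSsl) {
        // The component is present but offers no SSL options, and this client requires SSL.
        throw IIOPLogger.ROOT_LOGGER.serverDoesNotSupportSsl();
    }
    // Use the SSL endpoint only when the target supports it and either side requires it.
    return targetSupportsSsl && (targetRequiresSsl || clientRequiresSsl) ? ssl : null;
}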
Also used : TaggedComponent(org.omg.IOP.TaggedComponent) CDRInputStream(com.sun.corba.se.impl.encoding.CDRInputStream) EncapsInputStream(com.sun.corba.se.impl.encoding.EncapsInputStream) Iterator(java.util.Iterator) SSL(org.omg.SSLIOP.SSL) ORB(com.sun.corba.se.spi.orb.ORB)

Example 3 with SSL

Use of org.omg.SSLIOP.SSL in project wildfly by wildfly.

Class CSIV2IORToSocketInfo, method getSocketInfo.

public List getSocketInfo(IOR ior) {
    List result = new ArrayList();
    IIOPProfileTemplate iiopProfileTemplate = (IIOPProfileTemplate) ior.getProfile().getTaggedProfileTemplate();
    IIOPAddress primary = iiopProfileTemplate.getPrimaryAddress();
    String hostname = primary.getHost().toLowerCase(Locale.ENGLISH);
    int primaryPort = primary.getPort();
    // NOTE: we could check for 0 (i.e., CSIv2) but, for a
    // non-CSIv2-configured client ORB talking to a CSIv2 configured
    // server ORB you might end up with an empty contact info list
    // which would then report a failure which would not be as
    // instructive as leaving a ContactInfo with a 0 port in the list.
    SocketInfo socketInfo;
    TransportAddress sslAddress = selectSSLTransportAddress(ior);
    SSL ssl = getSSL(ior);
    // Both port fields are IDL unsigned shorts held in signed Java shorts, so they are
    // masked with 0xFFFF to keep ports above 32767 from widening to negative ints.
    if (sslAddress != null) {
        socketInfo = createSSLSocketInfo(hostname, sslAddress.port & 0xFFFF);
    } else if (ssl != null) {
        socketInfo = createSSLSocketInfo(hostname, ssl.port & 0xFFFF);
    } else {
        // FIXME not all CORBA objects export an SSL port
        // if (clientRequiresSsl) {
        // throw new RuntimeException("Client requires SSL but target does not support it");
        // }
        // With the check above disabled, an IOR that advertises no SSL endpoint is contacted
        // on the primary (non-SSL) address even when clientRequiresSsl is set.
        socketInfo = createSocketInfo(hostname, primaryPort);
    }
    result.add(socketInfo);
    addAlternateSocketInfos(iiopProfileTemplate, result);
    return result;
}
Also used : TransportAddress(org.omg.CSIIOP.TransportAddress) IIOPAddress(com.sun.corba.se.spi.ior.iiop.IIOPAddress) ArrayList(java.util.ArrayList) IIOPProfileTemplate(com.sun.corba.se.spi.ior.iiop.IIOPProfileTemplate) IORToSocketInfo(com.sun.corba.se.spi.transport.IORToSocketInfo) SocketInfo(com.sun.corba.se.spi.transport.SocketInfo) ArrayList(java.util.ArrayList) List(java.util.List) CompoundSecMechList(org.omg.CSIIOP.CompoundSecMechList) SSL(org.omg.SSLIOP.SSL)

Aggregations

SSL (org.omg.SSLIOP.SSL): 3
TaggedComponent (org.omg.IOP.TaggedComponent): 2
CDRInputStream (com.sun.corba.se.impl.encoding.CDRInputStream): 1
EncapsInputStream (com.sun.corba.se.impl.encoding.EncapsInputStream): 1
IIOPAddress (com.sun.corba.se.spi.ior.iiop.IIOPAddress): 1
IIOPProfileTemplate (com.sun.corba.se.spi.ior.iiop.IIOPProfileTemplate): 1
ORB (com.sun.corba.se.spi.orb.ORB): 1
IORToSocketInfo (com.sun.corba.se.spi.transport.IORToSocketInfo): 1
SocketInfo (com.sun.corba.se.spi.transport.SocketInfo): 1
ArrayList (java.util.ArrayList): 1
Iterator (java.util.Iterator): 1
List (java.util.List): 1
Any (org.omg.CORBA.Any): 1
CompoundSecMechList (org.omg.CSIIOP.CompoundSecMechList): 1
TransportAddress (org.omg.CSIIOP.TransportAddress): 1
InvalidTypeForEncoding (org.omg.IOP.CodecPackage.InvalidTypeForEncoding): 1