maguro 2005/03/26 21:04:42
Modified: modules/core/src/java/org/openejb/corba/security/config/tss
TSSASMechConfig.java TSSCompoundSecMechConfig.java
TSSCompoundSecMechListConfig.java TSSConfig.java
TSSGSSExportedNameConfig.java
TSSGSSUPMechConfig.java TSSGeneralNameConfig.java
TSSNULLASMechConfig.java
TSSNULLTransportConfig.java TSSSASMechConfig.java
TSSSECIOPTransportConfig.java
TSSSSLTransportConfig.java
TSSServiceConfigurationConfig.java
TSSTransportMechConfig.java
Log:
Updated to use the default Sun ORB.
Revision Changes Path
1.2 +3 -2
openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSASMechConfig.java
Index: TSSASMechConfig.java
===================================================================
RCS file:
/home/projects/openejb/scm/openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSASMechConfig.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- TSSASMechConfig.java 8 Mar 2005 04:08:34 -0000 1.1
+++ TSSASMechConfig.java 27 Mar 2005 02:04:41 -0000 1.2
@@ -50,8 +50,9 @@
import java.io.Serializable;
import org.omg.CORBA.ORB;
-import org.omg.CSIIOP.AS_ContextSec;
import org.omg.IOP.Codec;
+
+import org.apache.geronimo.interop.CSIIOP.AS_ContextSec;
/**
1.2 +3 -2
openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSCompoundSecMechConfig.java
Index: TSSCompoundSecMechConfig.java
===================================================================
RCS file:
/home/projects/openejb/scm/openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSCompoundSecMechConfig.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- TSSCompoundSecMechConfig.java 8 Mar 2005 04:08:34 -0000 1.1
+++ TSSCompoundSecMechConfig.java 27 Mar 2005 02:04:41 -0000 1.2
@@ -50,8 +50,9 @@
import java.io.Serializable;
import org.omg.CORBA.ORB;
-import org.omg.CSIIOP.CompoundSecMech;
import org.omg.IOP.Codec;
+
+import org.apache.geronimo.interop.CSIIOP.CompoundSecMech;
/**
1.2 +6 -5
openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSCompoundSecMechListConfig.java
Index: TSSCompoundSecMechListConfig.java
===================================================================
RCS file:
/home/projects/openejb/scm/openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSCompoundSecMechListConfig.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- TSSCompoundSecMechListConfig.java 8 Mar 2005 04:08:34 -0000 1.1
+++ TSSCompoundSecMechListConfig.java 27 Mar 2005 02:04:41 -0000 1.2
@@ -52,12 +52,13 @@
import org.omg.CORBA.Any;
import org.omg.CORBA.ORB;
-import org.omg.CSIIOP.CompoundSecMech;
-import org.omg.CSIIOP.CompoundSecMechList;
-import org.omg.CSIIOP.CompoundSecMechListHelper;
-import org.omg.CSIIOP.TAG_CSI_SEC_MECH_LIST;
import org.omg.IOP.Codec;
import org.omg.IOP.TaggedComponent;
+
+import org.apache.geronimo.interop.CSIIOP.CompoundSecMech;
+import org.apache.geronimo.interop.CSIIOP.CompoundSecMechList;
+import org.apache.geronimo.interop.CSIIOP.CompoundSecMechListHelper;
+import org.apache.geronimo.interop.CSIIOP.TAG_CSI_SEC_MECH_LIST;
/**
1.3 +5 -5
openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSConfig.java
Index: TSSConfig.java
===================================================================
RCS file:
/home/projects/openejb/scm/openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSConfig.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- TSSConfig.java 12 Mar 2005 17:04:54 -0000 1.2
+++ TSSConfig.java 27 Mar 2005 02:04:41 -0000 1.3
@@ -48,17 +48,17 @@
package org.openejb.corba.security.config.tss;
import java.io.Serializable;
-import java.security.Principal;
import javax.net.ssl.SSLSession;
import javax.security.auth.Subject;
-import org.omg.CORBA.NO_PERMISSION;
import org.omg.CORBA.ORB;
-import org.omg.CSI.EstablishContext;
import org.omg.IOP.Codec;
import org.omg.IOP.TaggedComponent;
import org.apache.geronimo.security.deploy.DefaultPrincipal;
+import org.apache.geronimo.interop.CSI.EstablishContext;
+
+import org.openejb.corba.security.SASException;
/**
@@ -103,7 +103,7 @@
return mechListConfig.encodeIOR(orb, codec);
}
- public Subject check(SSLSession session, EstablishContext msg) throws
NO_PERMISSION {
+ public Subject check(SSLSession session, EstablishContext msg) throws
SASException {
Subject result = transport_mech.check(session);
1.2 +4 -4
openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSGSSExportedNameConfig.java
Index: TSSGSSExportedNameConfig.java
===================================================================
RCS file:
/home/projects/openejb/scm/openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSGSSExportedNameConfig.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- TSSGSSExportedNameConfig.java 8 Mar 2005 04:08:34 -0000 1.1
+++ TSSGSSExportedNameConfig.java 27 Mar 2005 02:04:41 -0000 1.2
@@ -44,8 +44,8 @@
*/
package org.openejb.corba.security.config.tss;
-import org.omg.CSIIOP.SCS_GSSExportedName;
-import org.omg.CSIIOP.ServiceConfiguration;
+import org.apache.geronimo.interop.CSIIOP.SCS_GSSExportedName;
+import org.apache.geronimo.interop.CSIIOP.ServiceConfiguration;
import org.openejb.corba.security.config.ConfigException;
import org.openejb.corba.util.Util;
1.2 +5 -4
openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSGSSUPMechConfig.java
Index: TSSGSSUPMechConfig.java
===================================================================
RCS file:
/home/projects/openejb/scm/openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSGSSUPMechConfig.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- TSSGSSUPMechConfig.java 8 Mar 2005 04:08:34 -0000 1.1
+++ TSSGSSUPMechConfig.java 27 Mar 2005 02:04:41 -0000 1.2
@@ -48,10 +48,11 @@
package org.openejb.corba.security.config.tss;
import org.omg.CORBA.ORB;
-import org.omg.CSIIOP.AS_ContextSec;
-import org.omg.CSIIOP.EstablishTrustInClient;
-import org.omg.GSSUP.GSSUPMechOID;
import org.omg.IOP.Codec;
+
+import org.apache.geronimo.interop.CSIIOP.AS_ContextSec;
+import org.apache.geronimo.interop.CSIIOP.EstablishTrustInClient;
+import org.apache.geronimo.interop.GSSUP.GSSUPMechOID;
import org.openejb.corba.util.Util;
1.2 +4 -4
openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSGeneralNameConfig.java
Index: TSSGeneralNameConfig.java
===================================================================
RCS file:
/home/projects/openejb/scm/openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSGeneralNameConfig.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- TSSGeneralNameConfig.java 8 Mar 2005 04:08:34 -0000 1.1
+++ TSSGeneralNameConfig.java 27 Mar 2005 02:04:41 -0000 1.2
@@ -46,8 +46,8 @@
import java.io.IOException;
-import org.omg.CSIIOP.SCS_GeneralNames;
-import org.omg.CSIIOP.ServiceConfiguration;
+import org.apache.geronimo.interop.CSIIOP.SCS_GeneralNames;
+import org.apache.geronimo.interop.CSIIOP.ServiceConfiguration;
import org.openejb.corba.security.config.ConfigException;
import org.openejb.corba.util.Util;
1.2 +3 -2
openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSNULLASMechConfig.java
Index: TSSNULLASMechConfig.java
===================================================================
RCS file:
/home/projects/openejb/scm/openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSNULLASMechConfig.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- TSSNULLASMechConfig.java 8 Mar 2005 04:08:34 -0000 1.1
+++ TSSNULLASMechConfig.java 27 Mar 2005 02:04:41 -0000 1.2
@@ -48,8 +48,9 @@
package org.openejb.corba.security.config.tss;
import org.omg.CORBA.ORB;
-import org.omg.CSIIOP.AS_ContextSec;
import org.omg.IOP.Codec;
+
+import org.apache.geronimo.interop.CSIIOP.AS_ContextSec;
/**
1.3 +7 -5
openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSNULLTransportConfig.java
Index: TSSNULLTransportConfig.java
===================================================================
RCS file:
/home/projects/openejb/scm/openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSNULLTransportConfig.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- TSSNULLTransportConfig.java 12 Mar 2005 17:04:54 -0000 1.2
+++ TSSNULLTransportConfig.java 27 Mar 2005 02:04:41 -0000 1.3
@@ -50,11 +50,13 @@
import javax.net.ssl.SSLSession;
import javax.security.auth.Subject;
-import org.omg.CORBA.NO_PERMISSION;
import org.omg.CORBA.ORB;
-import org.omg.CSIIOP.TAG_NULL_TAG;
import org.omg.IOP.Codec;
-import org.omg.IOP.TaggedComponent;
+
+import org.apache.geronimo.interop.CSIIOP.TAG_NULL_TAG;
+import org.apache.geronimo.interop.IOP.TaggedComponent;
+
+import org.openejb.corba.security.SASException;
/**
@@ -81,7 +83,7 @@
return result;
}
- public Subject check(SSLSession session) throws NO_PERMISSION {
+ public Subject check(SSLSession session) throws SASException {
return new Subject();
}
}
1.2 +8 -7
openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSSASMechConfig.java
Index: TSSSASMechConfig.java
===================================================================
RCS file:
/home/projects/openejb/scm/openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSSASMechConfig.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- TSSSASMechConfig.java 8 Mar 2005 04:08:34 -0000 1.1
+++ TSSSASMechConfig.java 27 Mar 2005 02:04:41 -0000 1.2
@@ -52,13 +52,14 @@
import java.util.Iterator;
import org.omg.CORBA.ORB;
-import org.omg.CSI.ITTAbsent;
-import org.omg.CSI.ITTPrincipalName;
-import org.omg.CSIIOP.DelegationByClient;
-import org.omg.CSIIOP.IdentityAssertion;
-import org.omg.CSIIOP.SAS_ContextSec;
-import org.omg.CSIIOP.ServiceConfiguration;
import org.omg.IOP.Codec;
+
+import org.apache.geronimo.interop.CSI.ITTAbsent;
+import org.apache.geronimo.interop.CSI.ITTPrincipalName;
+import org.apache.geronimo.interop.CSIIOP.DelegationByClient;
+import org.apache.geronimo.interop.CSIIOP.IdentityAssertion;
+import org.apache.geronimo.interop.CSIIOP.SAS_ContextSec;
+import org.apache.geronimo.interop.CSIIOP.ServiceConfiguration;
import org.openejb.corba.util.Util;
1.3 +10 -9
openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSSECIOPTransportConfig.java
Index: TSSSECIOPTransportConfig.java
===================================================================
RCS file:
/home/projects/openejb/scm/openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSSECIOPTransportConfig.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- TSSSECIOPTransportConfig.java 12 Mar 2005 17:04:54 -0000 1.2
+++ TSSSECIOPTransportConfig.java 27 Mar 2005 02:04:41 -0000 1.3
@@ -54,17 +54,18 @@
import javax.security.auth.Subject;
import org.omg.CORBA.Any;
-import org.omg.CORBA.NO_PERMISSION;
import org.omg.CORBA.ORB;
-import org.omg.CSIIOP.SECIOP_SEC_TRANS;
-import org.omg.CSIIOP.SECIOP_SEC_TRANSHelper;
-import org.omg.CSIIOP.TAG_SECIOP_SEC_TRANS;
-import org.omg.CSIIOP.TLS_SEC_TRANSHelper;
-import org.omg.CSIIOP.TransportAddress;
import org.omg.IOP.Codec;
-import org.omg.IOP.TaggedComponent;
import org.openorb.orb.csiv2.ASN1Utils;
+import org.apache.geronimo.interop.CSIIOP.SECIOP_SEC_TRANS;
+import org.apache.geronimo.interop.CSIIOP.SECIOP_SEC_TRANSHelper;
+import org.apache.geronimo.interop.CSIIOP.TAG_SECIOP_SEC_TRANS;
+import org.apache.geronimo.interop.CSIIOP.TLS_SEC_TRANSHelper;
+import org.apache.geronimo.interop.CSIIOP.TransportAddress;
+import org.apache.geronimo.interop.IOP.TaggedComponent;
+
+import org.openejb.corba.security.SASException;
import org.openejb.corba.util.Util;
@@ -162,7 +163,7 @@
return result;
}
- public Subject check(SSLSession session) throws NO_PERMISSION {
+ public Subject check(SSLSession session) throws SASException {
return new Subject();
}
1.4 +24 -10
openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSSSLTransportConfig.java
Index: TSSSSLTransportConfig.java
===================================================================
RCS file:
/home/projects/openejb/scm/openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSSSLTransportConfig.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- TSSSSLTransportConfig.java 14 Mar 2005 02:12:46 -0000 1.3
+++ TSSSSLTransportConfig.java 27 Mar 2005 02:04:41 -0000 1.4
@@ -59,13 +59,17 @@
import org.omg.CORBA.NO_PERMISSION;
import org.omg.CORBA.ORB;
import org.omg.CORBA.UserException;
-import org.omg.CSIIOP.TAG_NULL_TAG;
-import org.omg.CSIIOP.TAG_TLS_SEC_TRANS;
-import org.omg.CSIIOP.TLS_SEC_TRANS;
-import org.omg.CSIIOP.TLS_SEC_TRANSHelper;
-import org.omg.CSIIOP.TransportAddress;
import org.omg.IOP.Codec;
-import org.omg.IOP.TaggedComponent;
+
+import org.apache.geronimo.interop.CSIIOP.EstablishTrustInClient;
+import org.apache.geronimo.interop.CSIIOP.TAG_NULL_TAG;
+import org.apache.geronimo.interop.CSIIOP.TAG_TLS_SEC_TRANS;
+import org.apache.geronimo.interop.CSIIOP.TLS_SEC_TRANS;
+import org.apache.geronimo.interop.CSIIOP.TLS_SEC_TRANSHelper;
+import org.apache.geronimo.interop.CSIIOP.TransportAddress;
+import org.apache.geronimo.interop.IOP.TaggedComponent;
+
+import org.openejb.corba.security.SASException;
/**
@@ -75,7 +79,7 @@
*/
public class TSSSSLTransportConfig extends TSSTransportMechConfig {
- private final transient Log log =
LogFactory.getLog(TSSSSLTransportConfig.class);
+ private final static Log log =
LogFactory.getLog(TSSSSLTransportConfig.class);
private short port;
private String hostname;
@@ -162,17 +166,27 @@
return result;
}
- public Subject check(SSLSession session) throws NO_PERMISSION {
+ public Subject check(SSLSession session) throws SASException {
if (session == null && requires != 0) throw new
NO_PERMISSION("Missing required SSL session");
try {
+ if (log.isDebugEnabled()) log.debug("Scraping principal from SSL
session");
+
X509Certificate link = session.getPeerCertificateChain()[0];
Subject subject = new Subject();
+ String name = link.getSubjectDN().toString();
+
+ if (log.isDebugEnabled()) log.debug("Obtained principal " +
name);
- subject.getPrincipals().add(new
X500Principal(link.getSubjectDN().toString()));
+ subject.getPrincipals().add(new X500Principal(name));
return subject;
} catch (SSLPeerUnverifiedException e) {
+ if ((requires & EstablishTrustInClient.value) != 0) {
+ if (log.isDebugEnabled()) log.debug("Unverified peer,
throwing exception");
+ throw new SASException(1);
+ }
+ if (log.isDebugEnabled()) log.debug("Unverified peer, using
empty subject");
return new Subject();
}
}
1.2 +5 -5
openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSServiceConfigurationConfig.java
Index: TSSServiceConfigurationConfig.java
===================================================================
RCS file:
/home/projects/openejb/scm/openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSServiceConfigurationConfig.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- TSSServiceConfigurationConfig.java 8 Mar 2005 04:08:34 -0000
1.1
+++ TSSServiceConfigurationConfig.java 27 Mar 2005 02:04:41 -0000
1.2
@@ -46,9 +46,9 @@
import java.io.Serializable;
-import org.omg.CSIIOP.SCS_GSSExportedName;
-import org.omg.CSIIOP.SCS_GeneralNames;
-import org.omg.CSIIOP.ServiceConfiguration;
+import org.apache.geronimo.interop.CSIIOP.SCS_GSSExportedName;
+import org.apache.geronimo.interop.CSIIOP.SCS_GeneralNames;
+import org.apache.geronimo.interop.CSIIOP.ServiceConfiguration;
import org.openejb.corba.security.config.ConfigException;
1.3 +9 -7
openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSTransportMechConfig.java
Index: TSSTransportMechConfig.java
===================================================================
RCS file:
/home/projects/openejb/scm/openejb/modules/core/src/java/org/openejb/corba/security/config/tss/TSSTransportMechConfig.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- TSSTransportMechConfig.java 12 Mar 2005 17:04:54 -0000 1.2
+++ TSSTransportMechConfig.java 27 Mar 2005 02:04:41 -0000 1.3
@@ -53,13 +53,15 @@
import javax.net.ssl.SSLSession;
import javax.security.auth.Subject;
-import org.omg.CORBA.NO_PERMISSION;
import org.omg.CORBA.ORB;
-import org.omg.CSIIOP.TAG_NULL_TAG;
-import org.omg.CSIIOP.TAG_SECIOP_SEC_TRANS;
-import org.omg.CSIIOP.TAG_TLS_SEC_TRANS;
import org.omg.IOP.Codec;
-import org.omg.IOP.TaggedComponent;
+
+import org.apache.geronimo.interop.CSIIOP.TAG_NULL_TAG;
+import org.apache.geronimo.interop.CSIIOP.TAG_SECIOP_SEC_TRANS;
+import org.apache.geronimo.interop.CSIIOP.TAG_TLS_SEC_TRANS;
+import org.apache.geronimo.interop.IOP.TaggedComponent;
+
+import org.openejb.corba.security.SASException;
/**
@@ -111,6 +113,6 @@
return result;
}
- public abstract Subject check(SSLSession session) throws NO_PERMISSION;
+ public abstract Subject check(SSLSession session) throws SASException;
}
