[jboss-cvs] JBossAS SVN: r64028 - trunk/iiop/src/main/org/jboss/iiop/csiv2.

Fri Jul 13 06:38:37 EDT 2007

Author: dimitris at jboss.org
Date: 2007-07-13 06:38:36 -0400 (Fri, 13 Jul 2007)
New Revision: 64028

Modified:
   trunk/iiop/src/main/org/jboss/iiop/csiv2/CSIv2Util.java
Log:
JBAS-4541, Authentication Service (AS) Context stored in CSIv2 encoded IORs shouldn't indicate EstablishTrustInClient supported when AUTH_METHOD_NONE

Modified: trunk/iiop/src/main/org/jboss/iiop/csiv2/CSIv2Util.java
===================================================================

--- trunk/iiop/src/main/org/jboss/iiop/csiv2/CSIv2Util.java	2007-07-13 09:00:09 UTC (rev 64027)
+++ trunk/iiop/src/main/org/jboss/iiop/csiv2/CSIv2Util.java	2007-07-13 10:38:36 UTC (rev 64028)
@@ -1,43 +1,44 @@
 /*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
 package org.jboss.iiop.csiv2;
 
-import java.net.InetAddress;
 import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
 
+import org.ietf.jgss.GSSException;
+import org.ietf.jgss.Oid;
+import org.jboss.logging.Logger;
+import org.jboss.metadata.IorSecurityConfigMetaData;
+import org.jboss.metadata.IorSecurityConfigMetaData.AsContext;
+import org.jboss.metadata.IorSecurityConfigMetaData.SasContext;
+import org.jboss.metadata.IorSecurityConfigMetaData.TransportConfig;
 import org.omg.CORBA.Any;
 import org.omg.CORBA.BAD_PARAM;
 import org.omg.CORBA.MARSHAL;
 import org.omg.CORBA.ORB;
-
-import org.omg.IOP.Codec;
-import org.omg.IOP.CodecPackage.InvalidTypeForEncoding;
-import org.omg.IOP.TaggedComponent;
-
 import org.omg.CSI.ITTAnonymous;
+import org.omg.CSI.ITTDistinguishedName;
 import org.omg.CSI.ITTPrincipalName;
 import org.omg.CSI.ITTX509CertChain;
-import org.omg.CSI.ITTDistinguishedName;
-
 import org.omg.CSIIOP.AS_ContextSec;
 import org.omg.CSIIOP.CompoundSecMech;
 import org.omg.CSIIOP.CompoundSecMechList;
@@ -57,27 +58,17 @@
 import org.omg.CSIIOP.TLS_SEC_TRANS;
 import org.omg.CSIIOP.TLS_SEC_TRANSHelper;
 import org.omg.CSIIOP.TransportAddress;
-
 import org.omg.GSSUP.GSSUPMechOID;
 import org.omg.GSSUP.InitialContextToken;
 import org.omg.GSSUP.InitialContextTokenHelper;
-
+import org.omg.IOP.Codec;
+import org.omg.IOP.TaggedComponent;
+import org.omg.IOP.CodecPackage.InvalidTypeForEncoding;
 import org.omg.PortableInterceptor.ClientRequestInfo;
-
 import org.omg.SSLIOP.SSL;
 import org.omg.SSLIOP.SSLHelper;
 import org.omg.SSLIOP.TAG_SSL_SEC_TRANS;
 
-import org.ietf.jgss.GSSException;
-import org.ietf.jgss.Oid;
-
-import org.jboss.metadata.IorSecurityConfigMetaData;
-import org.jboss.metadata.IorSecurityConfigMetaData.TransportConfig;
-import org.jboss.metadata.IorSecurityConfigMetaData.AsContext;
-import org.jboss.metadata.IorSecurityConfigMetaData.SasContext;
-
-import org.jboss.logging.Logger;
-
 /**
  * Helper class
  *
@@ -324,7 +315,7 @@
       AS_ContextSec context = null;
       
       // the content of the context
-      int support = EstablishTrustInClient.value; // per default support this
+      int support = 0;
       int require = 0;
       byte[] clientAuthMech = {};
       byte[] targetName = {};
@@ -335,11 +326,8 @@
       // if no AS context metatada exists, or authentication method
       // "none" is specified, we can produce an empty AS context
       if( asMeta == null || asMeta.getAuthMethod().equals(AsContext.AUTH_METHOD_NONE)
-         || asMeta.isRequired() == false )
+         /*|| asMeta.isRequired() == false*/ )
       {
-         // TODO: check if an empty AS context may contain a target name.
-         targetName = encodeGssExportedName(targetName);
-         
          context = new AS_ContextSec((short) support,
             (short) require,
             clientAuthMech,
@@ -347,6 +335,9 @@
       }
       else
       {
+         // we do support
+         support = EstablishTrustInClient.value;
+         
          // required depends on the metadata
          if( asMeta.isRequired() )
             require = EstablishTrustInClient.value;


