[jboss-cvs] JBossAS SVN: r64028 - trunk/iiop/src/main/org/jboss/iiop/csiv2.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Jul 13 06:38:37 EDT 2007
Author: dimitris at jboss.org
Date: 2007-07-13 06:38:36 -0400 (Fri, 13 Jul 2007)
New Revision: 64028
Modified:
trunk/iiop/src/main/org/jboss/iiop/csiv2/CSIv2Util.java
Log:
JBAS-4541, Authentication Service (AS) Context stored in CSIv2 encoded IORs shouldn't indicate EstablishTrustInClient supported when AUTH_METHOD_NONE
Modified: trunk/iiop/src/main/org/jboss/iiop/csiv2/CSIv2Util.java
===================================================================
--- trunk/iiop/src/main/org/jboss/iiop/csiv2/CSIv2Util.java 2007-07-13 09:00:09 UTC (rev 64027)
+++ trunk/iiop/src/main/org/jboss/iiop/csiv2/CSIv2Util.java 2007-07-13 10:38:36 UTC (rev 64028)
@@ -1,43 +1,44 @@
/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
package org.jboss.iiop.csiv2;
-import java.net.InetAddress;
import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import org.ietf.jgss.GSSException;
+import org.ietf.jgss.Oid;
+import org.jboss.logging.Logger;
+import org.jboss.metadata.IorSecurityConfigMetaData;
+import org.jboss.metadata.IorSecurityConfigMetaData.AsContext;
+import org.jboss.metadata.IorSecurityConfigMetaData.SasContext;
+import org.jboss.metadata.IorSecurityConfigMetaData.TransportConfig;
import org.omg.CORBA.Any;
import org.omg.CORBA.BAD_PARAM;
import org.omg.CORBA.MARSHAL;
import org.omg.CORBA.ORB;
-
-import org.omg.IOP.Codec;
-import org.omg.IOP.CodecPackage.InvalidTypeForEncoding;
-import org.omg.IOP.TaggedComponent;
-
import org.omg.CSI.ITTAnonymous;
+import org.omg.CSI.ITTDistinguishedName;
import org.omg.CSI.ITTPrincipalName;
import org.omg.CSI.ITTX509CertChain;
-import org.omg.CSI.ITTDistinguishedName;
-
import org.omg.CSIIOP.AS_ContextSec;
import org.omg.CSIIOP.CompoundSecMech;
import org.omg.CSIIOP.CompoundSecMechList;
@@ -57,27 +58,17 @@
import org.omg.CSIIOP.TLS_SEC_TRANS;
import org.omg.CSIIOP.TLS_SEC_TRANSHelper;
import org.omg.CSIIOP.TransportAddress;
-
import org.omg.GSSUP.GSSUPMechOID;
import org.omg.GSSUP.InitialContextToken;
import org.omg.GSSUP.InitialContextTokenHelper;
-
+import org.omg.IOP.Codec;
+import org.omg.IOP.TaggedComponent;
+import org.omg.IOP.CodecPackage.InvalidTypeForEncoding;
import org.omg.PortableInterceptor.ClientRequestInfo;
-
import org.omg.SSLIOP.SSL;
import org.omg.SSLIOP.SSLHelper;
import org.omg.SSLIOP.TAG_SSL_SEC_TRANS;
-import org.ietf.jgss.GSSException;
-import org.ietf.jgss.Oid;
-
-import org.jboss.metadata.IorSecurityConfigMetaData;
-import org.jboss.metadata.IorSecurityConfigMetaData.TransportConfig;
-import org.jboss.metadata.IorSecurityConfigMetaData.AsContext;
-import org.jboss.metadata.IorSecurityConfigMetaData.SasContext;
-
-import org.jboss.logging.Logger;
-
/**
* Helper class
*
@@ -324,7 +315,7 @@
AS_ContextSec context = null;
// the content of the context
- int support = EstablishTrustInClient.value; // per default support this
+ int support = 0;
int require = 0;
byte[] clientAuthMech = {};
byte[] targetName = {};
@@ -335,11 +326,8 @@
// if no AS context metatada exists, or authentication method
// "none" is specified, we can produce an empty AS context
if( asMeta == null || asMeta.getAuthMethod().equals(AsContext.AUTH_METHOD_NONE)
- || asMeta.isRequired() == false )
+ /*|| asMeta.isRequired() == false*/ )
{
- // TODO: check if an empty AS context may contain a target name.
- targetName = encodeGssExportedName(targetName);
-
context = new AS_ContextSec((short) support,
(short) require,
clientAuthMech,
@@ -347,6 +335,9 @@
}
else
{
+ // we do support
+ support = EstablishTrustInClient.value;
+
// required depends on the metadata
if( asMeta.isRequired() )
require = EstablishTrustInClient.value;
More information about the jboss-cvs-commits
mailing list