[jboss-jira] [JBoss JIRA] Commented: (JBAS-8169) Make default values of org.jboss.metadata.IorSecurityConfigMetaData configurable

Stefan Guilhen (JIRA) jira-events at lists.jboss.org
Mon Jul 19 10:57:53 EDT 2010 

    [ https://jira.jboss.org/browse/JBAS-8169?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12539910#action_12539910 ] 

Stefan Guilhen commented on JBAS-8169:
--------------------------------------

I'll take a look at the code to find out the best place to put the IOR configuration.

Regarding CSIv2 security settings propagation, it is wrong to say it doesn't happen. The application server security context is populated by the EjbObjectCorbaServant and EjbHomeCorbaServant. When the IIOP call reaches one of these servants, a regular org.jboss.invocation.Invocation object is created, populated, and then forwarded to the EJB container just like a JRMP call would have been. If you take a look at the servants, you will notice they retrieve a SASCurrent instance from the ORB and use this current object to obtain the security info (internally SASCurrent has a reference to the SASTargetInterceptor and uses this reference to obtain the security params). The security info is then inserted in the Invocation object and the invocation is dispatched to the EJB container.

So if the call is routed through the EJB servants, the security context will be created later on by the EJB container security interceptors. If you have a different servant, you will have to code something similar to what we have in the EJB servants yourself.

> Make default values of org.jboss.metadata.IorSecurityConfigMetaData configurable
> --------------------------------------------------------------------------------
>
>                 Key: JBAS-8169
>                 URL: https://jira.jboss.org/browse/JBAS-8169
>             Project: JBoss Application Server
>          Issue Type: Feature Request
>      Security Level: Public(Everyone can see) 
>          Components: IIOP service
>    Affects Versions: JBossAS-4.2.2.GA, JBossAS-5.1.0.GA, 6.0.0.M3
>            Reporter: Dimitris Andreadis
>            Assignee: Stefan Guilhen
>
> User wants to allow the configuration of all IOR default parameters that are hard coded in org.jboss.metadata.IorSecurityConfigMetaData ([SasContext : callerPropagation] and [AsContext : authMethod, realm, required] and [TransportConfig : integrity, confidentiality, detectMisordering, detectReplay, establishTrustInTarget, establishTrustInClient]).
> Mostly they want to be able to configure [AsContext : realm] and [SasContext : callerPropagation]

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list