[omniORB] Security/Authentication/Interceptors

Bill Noon noon@snow.nrcc.cornell.edu
Thu Feb 27 21:43:01 2003


Kendall -- Thanks for the comments.

On Thursday, February 27, 2003, at 03:50 PM, baileyk@schneider.com 
wrote:

> I assume this is safe only for a client with a single application 
> thread?
> It looks like ucan_secure_ticket is shared by all threads and can only 
> hold
> one value.  Perhaps you should use thread specific storage on the 
> client
> side too?

Well, I was looking to have only one ticket/client.  I probably should 
consider /thread storage, but didn't want to add the complexity.

> Otherwise what if a client is also a server?

If the client is a server, it would look a the context from its client 
but also maintain its own, single, token.

> Also, why are these
> three
>
> omni_thread::key_t key;
> const IOP::ServiceID UCAN_SECURE = 0x52434301;
> char * ucan_secure_ticket = 0;
>
> not declared static?
>
Maybe because I don't know what I am doing in c++?

> Thank you for the code.  I'm sure it will come in handy if I need to do
> something similar.
>
> Just to throw a simple option out there for passing around user 
> identity:
> How about placing them in the object id?

I wanted to know who was calling methods on an object.  The object can 
be passed around, but I need to know who calls it.

--Bill Noon
Northeast Regional Climate Center
Cornell University