[omniORB] omniORB Authentication Methods

Duncan Grisby duncan at grisby.org
Mon Oct 23 18:19:31 BST 2006


On Friday 20 October, "Stephan February" wrote:

[...]
>   3) Client sets UUID as token in service context for subsequent calls to
> server
> 
> My problem is now how to perform step (4)
> 
>   4) Server matches individual security tokens to distinct clients from
> different sources
> 
> I thought to enforce (4) in the "preinvoke" method of a custom servant
> manager, however I can't find a way to associate individual client requests
> from different PCs with their individual "authenticated"
> sessions/connections.

Servant managers don't have access to service contexts. You have to use
a ServerReceiveRequest interceptor to get the service context. You can
then store something in per-thread state, so either your servant
manager, or the servant itself, can check the credentials of the caller.

In omniORB 4.0 you can't throw system exceptions from interceptors, but
in 4.1 you can, so if you use 4.1, you can throw CORBA::NO_PERMISSION
from your interceptor if you want.

Cheers,

Duncan.

-- 
 -- Duncan Grisby         --
  -- duncan at grisby.org     --
   -- http://www.grisby.org --



More information about the omniORB-list mailing list