[omniORB] Securing a Name Service

JohnD.Heintz JohnD.Heintz
Fri, 29 Jun 2001 10:49:46 -0500 

Yes, I see what you mean about the proxy solution.

Last last questions:

I've found the docs for omniINSPOA and would like to know if I can:
1) use corbaloc: syntax to directly refer to objects created on this POA?=
  (I=20
think this is directly implied by the docs)

2) use children of omniINSPOA the same way?  (Do they have the same prope=
rty=20
regarding object keys?)  I may want to specify threading policies for exa=
mple.

If I can just use corbaloc: I really don't even need a NameService do I? =
=20
This would solve our security problem as well.

Thanks again,
John

On Friday 29 June 2001 10:34, Duncan Grisby wrote:
> On Friday 29 June, John D. Heintz wrote:
> > Last question (and I'm sorry if it's been discussed already): Can I
> > do this from Python and what magic (insPOA?) do I use to enable INS
> > corbaloc and corbaname to work?
>
> It's not especially feasible to make extensions to omniNames with
> Python. You could certainly implement an extended naming service from
> scratch with Python, but you probably don't want to do that.
>
> It's tempting to try to make a Python proxy to the Naming service, so
> only the proxy is available to outside users. The problem with this is
> that the Naming service consists of a whole bunch of objects. It would
> be quite hard to keep track of proxying all the various objects
> involved. It could be done with some object id tricks and a servant
> locator (a default servant would be better, but it would require
> POACurrent support which isn't in omniORB 3 -- it's in the omniORB 4
> preview).
>
> Basically, the idea is that whenever you need to return a proxied
> object reference, you use the real object reference IOR as the object
> id within the proxying POA. You don't activate an object to go with
> it, so when a request for that objref comes in, the servant locator
> (ideally default servant) can look at the object id, turn it into the
> real object reference, and invoke the operation. This is actually a
> great idea for a student project...
>
> It's probably easier to modify the C++ omniNames implementation.
>
> Cheers,
>
> Duncan.

--=20
=2E . . . . . . . . . . . . . . . . . . . . . . .

John D. Heintz | Senior Engineer

1016 La Posada Dr. | Suite 240 | Austin TX 78752
T 512.633.1198 | jheintz@isogen.com

w w w . d a t a c h a n n e l . c o m