[omniORB] omniORB Authentication Methods

Stephan February stephan.february at gmail.com
Fri Oct 20 17:18:37 BST 2006


On 10/12/06, Duncan Grisby <duncan at grisby.org> wrote:
>
>
> >    - Adding an authentication token as a Service Context in a *
> > clientSendRequest* Interceptor.
>
> This definitely works. I'm using it in production, and it doesn't cause
> any problems.



Hello Duncan

I have hit something of a wall in the above scheme for authentication. I am
doing the following:

  1) Client authenticates to server with username/password
  2) Server returns a UUID as security token to client
  3) Client sets UUID as token in service context for subsequent calls to
server

My problem is now how to perform step (4)

  4) Server matches individual security tokens to distinct clients from
different sources

I thought to enforce (4) in the "preinvoke" method of a custom servant
manager, however I can't find a way to associate individual client requests
from different PCs with their individual "authenticated"
sessions/connections.

Any help is much appreciated.

Regards
Stephan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.omniorb-support.com/pipermail/omniorb-list/attachments/20061020/90701a33/attachment.htm


More information about the omniORB-list mailing list