[omniORB] omni interceptors
Renzo Tomaselli
renzo.tomaselli@tecnotp.it
Wed, 25 Jul 2001 17:51:57 +0200
Sai-Lai,
I'm interested in this subject too and for the same reasons, e.g.
encryption/decryption in a way that concerned IDL models should be unaware
of. This means both replacing message contents for privacy protection or
just appending a GSS token for authentication/integrity reasons. The
opposite should occur at receiver side, with a possibly silent (e.g.
implementation-unaware) deny of service because of security motivations.
Things could be even more complex in case of multistage authentication
procotols, e.i. a challenge/response sequence.
>From your message I presume that just appending a token might be fulfilled
by interceptors, but not full message encryption.
>If you want to do this, a better approach would be to implement it as a
>transport, similar to the ssl transport. The transport interface in omniORB
>4 is much simpler than in omniORB 3. You may want to look into
><omniORB4>/src/lib/omniORB/orbcore/ssl/ to see what needs to be done...
Does such transport fit anything like a runtime plugin (e.g. through
registered callbacks) or does it need to be built into a special version of
OmniORB 4 |:-( ?
Cheers,
Renzo Tomaselli
---------------------------------------------------------------------------
TecnoTP s.n.c. Special Information System Design
Maso Pelauchi I38050 Ronchi Valsugana, Trento TN ITALY
Tel. +39 0461 773164 Fax. +39 0461 771514
e-mail: renzo.tomaselli@tecnotp.it
---------------------------------------------------------------------------