1 /**
2 * Licensed to the Apache Software Foundation (ASF) under one or more
3 * contributor license agreements. See the NOTICE file distributed with
4 * this work for additional information regarding copyright ownership.
5 * The ASF licenses this file to You under the Apache License, Version 2.0
6 * (the "License"); you may not use this file except in compliance with
7 * the License. You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17 package org.apache.geronimo.yoko;
18
19 import java.net.Socket;
20 import javax.net.ssl.SSLSession;
21 import javax.net.ssl.SSLSocket;
22
23 import org.apache.yoko.orb.PortableInterceptor.ServerRequestInfoExt;
24 import org.apache.yoko.orb.OCI.IIOP.TransportInfo_impl;
25 import org.slf4j.Logger;
26 import org.slf4j.LoggerFactory;
27 import org.omg.CORBA.LocalObject;
28 import org.omg.PortableInterceptor.ServerRequestInfo;
29 import org.omg.PortableInterceptor.ServerRequestInterceptor;
30
31 import org.apache.geronimo.corba.security.SSLSessionManager;
32
33 /**
34 * A service context interceptor to help manage
35 * SSL security information for incoming connections.
36 * @version $Revision: 452600 $ $Date: 2006-10-03 12:29:42 -0700 (Tue, 03 Oct 2006) $
37 */
38 final class ServiceContextInterceptor extends LocalObject implements ServerRequestInterceptor {
39
40 private final Logger log = LoggerFactory.getLogger(ServiceContextInterceptor.class);
41
42 public ServiceContextInterceptor() {
43 if (log.isDebugEnabled()) log.debug("<init>");
44 }
45
46 public void receive_request(ServerRequestInfo ri) {
47 }
48
49 public void receive_request_service_contexts(ServerRequestInfo ri) {
50
51 if (log.isDebugEnabled()) log.debug("Looking for SSL Session");
52
53 // for an incoming request, we need to see if the request is coming in on
54 // an SSLSocket. If this is using a secure connection, then we register the
55 // request and SSLSession with the session manager.
56 ServerRequestInfoExt riExt = (ServerRequestInfoExt) ri;
57 TransportInfo_impl connection = (TransportInfo_impl)riExt.getTransportInfo();
58 if (connection != null) {
59 Socket socket = connection.socket();
60 if (socket != null && socket instanceof SSLSocket) {
61 if (log.isDebugEnabled()) log.debug("Found SSL Session");
62 SSLSocket sslSocket = (SSLSocket) socket;
63
64 SSLSessionManager.setSSLSession(ri.request_id(), sslSocket.getSession());
65 }
66 }
67 }
68
69 public void send_exception(ServerRequestInfo ri) {
70 // clean any SSL session information if we registered.
71 SSLSession old = SSLSessionManager.clearSSLSession(ri.request_id());
72 if (log.isDebugEnabled() && old != null) log.debug("Removing SSL Session for send_exception");
73 }
74
75 public void send_other(ServerRequestInfo ri) {
76 // clean any SSL session information if we registered.
77 SSLSession old = SSLSessionManager.clearSSLSession(ri.request_id());
78 if (log.isDebugEnabled() && old != null) log.debug("Removing SSL Session for send_reply");
79 }
80
81 public void send_reply(ServerRequestInfo ri) {
82 // clean any SSL session information if we registered.
83 SSLSession old = SSLSessionManager.clearSSLSession(ri.request_id());
84 if (log.isDebugEnabled() && old != null) log.debug("Removing SSL Session for send_reply");
85 }
86
87 public void destroy() {
88 if (log.isDebugEnabled()) log.debug("Destroy");
89 }
90
91 public String name() {
92 return "org.apache.geronimo.yoko.ServiceContextInterceptor";
93 }
94 }