Before trying out the steps described in this chapter, make sure you have completed all the steps described in Chapter 4, “PersonQuery Sample Application.”When the target-side ORB receives a request, the ORB calls the InterceptorSec target-side interceptor and passes the RequestContext and DataInputStream objects from the client request.
1.
Identifies the user of the client application. In this interceptor, the username must have the characters R, P, or N (either upper- or lowercase).
d. Matches the user against the PrimaryGroupId and the AccessId. If the user successfully matches the criteria for these two attributes, the interceptor returns INVOKE_NO_EXCEPTION.
e. If no match is found, the interceptor returns REPLY_EXCEPTION, which prevents the request from being sent to the target object. Instead, the ORB returns an exception to the client application.To obtain the SecurityCurrent object, your interceptors can invoke the resolve_initial_references(“SecurityCurrent”) operation on the ORB. The interceptor can then narrow the SecurityCurrent reference to a SecurityCurrentLevel1 current.The ORB’s resolve_initial_references(“SecurityCurrent”) method provides the interceptor a reference to a SecurityCurrent object from which the interceptor is provided with Level 1 Security functionality. The interceptor can obtain the attributes of the client invocation via the get_attributes method on the SecurityCurrent object, which returns an attribute list to the interceptor. The attribute list contains the attributes that pertain to the user of the client application that performed the invocation being intercepted. The behavior of any and all methods from the CORBA security service is still the same, with the exceptions noted above.When you run the makefile that builds the PersonQuery sample application in Chapter 4, “PersonQuery Sample Application,” the entire set of sample interceptors are built as well, including the InterceptorSec interceptor. This section describes how to register the InterceptorSec interceptor so that it works with PersonQuery application at run time.
1. Change directory to the InterceptorSec sample directory, where workdirectory represents the name of the directory into which you copied the interceptor sample applications in Chapter , “PersonQuery Sample Application:”> cd <workdirectory>\cxx\security_cxx$ cd <workdirectory>/cxx/security_cxx
4. The InterceptorSec client and target interceptors log their output to the files named, respectively, InterceptorSecClientxxx.out and InterceptorSecTargetxxx.out. These files contain debugging output from the interceptors that is automatically loaded and executed by the ORB for the PersonQuery application.
2. Change directory to the InterceptorSec sample directory, where workdirectory represents the name of the directory into which you copied the interceptor sample applications in Chapter , “PersonQuery Sample Application:”> cd <workdirectory>\cxx\security_cxx$ cd <workdirectory>/cxx/security_cxx