securitylevel3_impl.h

MICO2.3.13 corba 环境平台

	client_principal();

	virtual SL3PM::StatementList*
	client_supporting_statements();

	virtual SL3PM::ResourceNameList*
	client_restricted_resources();

	virtual SL3PM::Principal*
	target_principal();

	virtual SL3PM::StatementList*
	target_supporting_statements();

	virtual SL3PM::ResourceNameList*
	target_restricted_resources();

	virtual SL3PM::PrinAttributeList*
	environmental_attributes();

	virtual SecurityLevel3::OwnCredentials_ptr
	parent_credentials();

	virtual CORBA::Boolean
	client_authentication();

	virtual CORBA::Boolean
	target_authentication();

	virtual CORBA::Boolean
	confidentiality();

	virtual CORBA::Boolean
	integrity();

	virtual CORBA::Boolean
	target_embodied();

	virtual CORBA::Boolean
	target_endorsed();

	virtual void
	release();

	// extensions
	void
	context_id(const char* id);

	void
	client_principal(SL3PM::Principal* principal);

	void
	client_supporting_statements
	(const SL3PM::StatementList& statements);

	void
	client_restricted_resources
	(const SL3PM::ResourceNameList& resources);

	void
	target_principal(SL3PM::Principal* principal);

	void
	target_supporting_statements
	(const SL3PM::StatementList& statements);

	void
	target_restricted_resources
	(const SL3PM::ResourceNameList& resources);

	void
	environmental_attributes
	(const SL3PM::PrinAttributeList& attrs);

	void
	parent_credentials(SecurityLevel3::OwnCredentials_ptr creds);

	void
	client_authentication(CORBA::Boolean authentication);

	void
	target_authentication(CORBA::Boolean authentication);

	void
	confidentiality(CORBA::Boolean confidentiality);

	void
	integrity(CORBA::Boolean integrity);

	void
	target_embodied(CORBA::Boolean embodied);

	void
	target_endorsed(CORBA::Boolean endorsed);

	void
	notify_creation();

	void
	notify_release();

	void
	notify_destroy();
    private:
	CORBA::String_var context_id_;
	SL3PM::Principal_var client_principal_;
	SL3PM::StatementList client_supporting_statements_;
	SL3PM::ResourceNameList client_restricted_resources_;
	SL3PM::Principal_var target_principal_;
	SL3PM::StatementList target_supporting_statements_;
	SL3PM::ResourceNameList target_restricted_resources_;
	SL3PM::PrinAttributeList environmental_attributes_;
	SecurityLevel3::OwnCredentials_var parent_credentials_;
	CORBA::Boolean client_authentication_;
	CORBA::Boolean target_authentication_;
	CORBA::Boolean confidentiality_;
	CORBA::Boolean integrity_;
	CORBA::Boolean target_embodied_;
	CORBA::Boolean target_endorsed_;
	std::vector<SL3OM::TargetCredentialsObserver_var> credentials_observers_;
	std::vector<SL3OMExt::TargetCredentialsDestroyObserver_var> destroy_observers_;
    };


    class CredentialsCurator_impl
	: virtual public SecurityLevel3::CredentialsCurator,
	  virtual public CORBA::LocalObject
    {
    public:
	virtual SecurityLevel3::OwnCredentialsList*
	default_creds_list();

	virtual SL3CM::CredentialsIdList*
	default_creds_ids();

	virtual SecurityLevel3::CredentialsAcquirer_ptr
	acquire_credentials
	(SL3AQArgs::Argument_ptr acquisition_arguments);

	virtual SecurityLevel3::OwnCredentials_ptr
	get_own_credentials(const char* credentials_id);

	virtual void
	release_own_credentials(const char* credentials_id);

	// extension

	void
	add_own_credentials
	(SecurityLevel3::OwnCredentials_ptr creds,
	 CORBA::Boolean on_list);
    private:
	MICOMT::RWLock default_creds_list_lock_;
	SecurityLevel3::OwnCredentialsList default_creds_list_;
	MICOMT::RWLock own_creds_list_lock_;
	SecurityLevel3::OwnCredentialsList own_creds_list_;
    };


    class SecurityManager_impl
	: virtual public SecurityLevel3::SecurityManager,
	  virtual public CORBA::LocalObject
    {
    public:
	SecurityManager_impl(SecurityLevel3::CredentialsCurator_ptr curator);

	virtual SecurityLevel3::CredentialsCurator_ptr
	credentials_curator();

	virtual SecurityLevel3::TargetCredentials_ptr
	get_target_credentials(CORBA::Object_ptr the_object);

	virtual SecurityLevel3::ContextEstablishmentPolicy_ptr
	create_context_estab_policy
	(SL3CM::CredsDirective creds_directive,
	 const SecurityLevel3::OwnCredentialsList& creds_list,
	 SL3CM::FeatureDirective use_client_auth,
	 SL3CM::FeatureDirective use_target_auth,
	 SL3CM::FeatureDirective use_confidentiality,
	 SL3CM::FeatureDirective use_integrity);

	virtual SecurityLevel3::ObjectCredentialsPolicy_ptr
	create_object_creds_policy
	(const SecurityLevel3::OwnCredentialsList& creds_list);
    private:
	SecurityLevel3::CredentialsCurator_var curator_;
    };


    class SecurityCurrent_impl
	: virtual public SecurityLevel3::SecurityCurrent,
	  virtual public CORBA::LocalObject
    {
    public:
	virtual SecurityLevel3::ClientCredentials_ptr
	client_credentials();

	virtual CORBA::Boolean
	request_is_local();
    };


    class ContextEstablishmentPolicy_impl
	: virtual public SecurityLevel3::ContextEstablishmentPolicy,
	  virtual public CORBA::LocalObject
    {
    public:
	ContextEstablishmentPolicy_impl
	(SL3CM::CredsDirective creds_directive,
	 const SecurityLevel3::OwnCredentialsList& creds_list,
	 SL3CM::FeatureDirective use_client_auth,
	 SL3CM::FeatureDirective use_target_auth,
	 SL3CM::FeatureDirective use_confidentiality,
	 SL3CM::FeatureDirective use_integrity);

	virtual
	~ContextEstablishmentPolicy_impl();

	virtual SecurityLevel3::OwnCredentialsList*
	creds_list();

	virtual SL3CM::CredsDirective
	creds_directive();

	virtual SL3CM::FeatureDirective
	use_client_auth();

	virtual SL3CM::FeatureDirective
	use_target_auth();

	virtual SL3CM::FeatureDirective
	use_confidentiality();

	virtual SL3CM::FeatureDirective
	use_integrity();

	// Policy operations

	virtual CORBA::PolicyType
	policy_type();

	virtual CORBA::Policy_ptr
	copy();

	virtual void
	destroy();

    private:
	SecurityLevel3::OwnCredentialsList creds_list_;
	SL3CM::CredsDirective creds_directive_;
	SL3CM::FeatureDirective	use_client_auth_;
	SL3CM::FeatureDirective	use_target_auth_;
	SL3CM::FeatureDirective	use_confidentiality_;
	SL3CM::FeatureDirective	use_integrity_;
    };


    //
    // various supporting classes
    //

    class ORBInitializer
	: virtual public PortableInterceptor::ORBInitializer,
	  virtual public CORBA::LocalObject
    {
    public:
	ORBInitializer();

	virtual
	~ORBInitializer();

	virtual void
	pre_init(PortableInterceptor::ORBInitInfo_ptr info);

	virtual void
	post_init(PortableInterceptor::ORBInitInfo_ptr info);
    };


    class TargetCredsHolder
    {
    public:
	SecurityLevel3::TargetCredentials_ptr
	csi_creds(const std::string& key);

	void
	csi_creds
	(const std::string& key,
	 SecurityLevel3::TargetCredentials_ptr creds);

	void
	release_credentials(const char* id);
    private:
	typedef std::map<std::string, SecurityLevel3::TargetCredentials_var, std::less<std::string> > TargetCredentialsMap;
	typedef std::map<std::string, SecurityLevel3::TargetCredentials_var, std::less<std::string> >::iterator
	TargetCredentialsMapIterator;
	TargetCredentialsMap creds_map_;
    };


    class ClientCredsHolder
    {
    public:
	ClientCredsHolder();

	SecurityLevel3::ClientCredentials_ptr
	csi_creds(const std::string& key);

	void
	csi_creds
	(const std::string& key,
	 SecurityLevel3::ClientCredentials_ptr creds);

	SecurityLevel3::ClientCredentials_ptr
	current_creds();

	void
	current_creds(SecurityLevel3::ClientCredentials_ptr creds);

	void
	release_credentials(const char* id);
    private:
	typedef std::map<std::string, SecurityLevel3::ClientCredentials_var, std::less<std::string> > ClientCredentialsMap;
	typedef std::map<std::string, SecurityLevel3::ClientCredentials_var, std::less<std::string> >::iterator
	ClientCredentialsMapIterator;
	ClientCredentialsMap creds_map_;
#ifdef HAVE_THREADS
	MICOMT::Thread::ThreadKey thread_key_;
#else // HAVE_THREADS
	SecurityLevel3::ClientCredentials_var current_creds_;
#endif // HAVE_THREADS
    };
} // MICOSL3_SecurityLevel3

#endif // __SECURITYLEVEL3_IMPL_H__