001: package demo.ssl;
002:
003: import java.io.*;
004:
005: import java.security.cert.X509Certificate;
006:
007: import org.omg.PortableServer.POA;
008: import org.omg.SecurityLevel2.*;
009: import org.omg.Security.*;
010: import org.omg.CORBA.ORB;
011:
012: import org.jacorb.security.level2.*;
013:
014: /**
015: * This is the server part of the ssl demo. It demonstrates
016: * how to get access to the certificates that the client sent
017: * for mutual authentication. The certificate chain can be
018: * accessed via the Security Level 2 interfaces.
019: *
020: * @author Nicolas Noffke
021: * @version $Id: Server.java,v 1.3 2002/01/22 10:56:39 nicolas Exp $
022: */
023:
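public class Server extends SSLDemoPOA {
    // The Security Level 2 Current; the received credentials of a
    // request are read from it.
    private Current current = null;

    /*
     * This class from package org.jacorb.security.level2
     * contains the actual contents of the security attributes.
     */
    private SecAttributeManager attrib_mgr = null;

    // The single-element attribute type array that is used
    // for getting the SecAttributes from the Credentials.
    private AttributeType[] access_id = null;

    /**
     * Creates the servant and prepares the AccessId attribute query
     * used by {@link #getClientCert()}.
     *
     * @param current the Security Level 2 Current from which the
     *                received credentials are read
     */
    public Server(Current current) {
        this.current = current;

        attrib_mgr = SecAttributeManager.getInstance();

        AttributeType attribute_type = new AttributeType(
                new ExtensibleFamily((short) 0, (short) 1),
                AccessId.value);

        access_id = new AttributeType[] { attribute_type };
    }

    /**
     * Retrieves the received client certificate from the Credentials.
     *
     * <p>Every "not available" case yields {@code null}: no received
     * credentials, no AccessId attribute, no KeyAndCert for that
     * attribute, a missing or empty chain, or a first chain entry that
     * is not an X509Certificate.
     *
     * <p>This method only extracts the certificate. It performs no
     * validation of its own (no trust-path, validity-period or
     * revocation check) and makes no authorization decision. Any such
     * checking has to come from the SSL/ORB configuration, which is
     * not visible in this class.
     *
     * @return the first certificate of the received chain, or
     *         {@code null} if none is available
     */
    private X509Certificate getClientCert() {
        // get the ReceivedCredentials
        ReceivedCredentials creds = current.received_credentials();

        if (creds == null) {
            return null;
        }

        // get the SecAttributes we're interested in
        SecAttribute[] attribs = creds.get_attributes(access_id);

        if (attribs == null || attribs.length == 0) {
            return null;
        }

        // get the actual contents of the SecAttributes via
        // the SecAttributeManager
        KeyAndCert kac = attrib_mgr.getAttributeCertValue(attribs[0]);

        // A KeyAndCert without a usable chain is treated like "no
        // certificate" instead of failing the request with a
        // NullPointerException or ArrayIndexOutOfBoundsException.
        if (kac == null || kac.chain == null || kac.chain.length == 0) {
            return null;
        }

        // Return the first certificate of the chain. The original demo
        // calls it "self-signed"; that would be a property of the demo
        // keystore, nothing here checks it.
        // NOTE(review): by the usual Java chain ordering index 0 is the
        // peer's own certificate - confirm for KeyAndCert.
        if (!(kac.chain[0] instanceof X509Certificate)) {
            return null;
        }

        return (X509Certificate) kac.chain[0];
    }

    /**
     * This method is from the IDL interface. It prints the received
     * client certificate to standard output, if one is available.
     *
     * <p>The output only shows what was extracted from the received
     * credentials; the method grants or denies nothing based on it.
     */
    public void printCert() {
        X509Certificate client_cert = getClientCert();

        if (client_cert == null) {
            System.out.println("No client certificate available");
        } else {
            System.out.println("Received a client certificate:");
            System.out.println(client_cert);
        }
    }

    /**
     * Starts the demo server: initialises the ORB, activates the root
     * POA, registers a Server servant, writes its stringified object
     * reference to the given file and then serves requests.
     *
     * <p>Exits with status -1 when the argument count is wrong. Any
     * exception during start-up is printed to standard error.
     *
     * @param args exactly one element: the path of the IOR file to
     *             write; an existing file at that path is replaced
     */
    public static void main(String[] args) {
        if (args.length != 1) {
            System.out
                    .println("Usage: java demo.ssl.Server <ior_file>");
            System.exit(-1);
        }

        try {
            ORB orb = ORB.init(args, null);

            POA poa = (POA) orb.resolve_initial_references("RootPOA");

            poa.the_POAManager().activate();

            Current current = (org.omg.SecurityLevel2.Current) orb
                    .resolve_initial_references("SecurityCurrent");

            org.omg.CORBA.Object demo = poa
                    .servant_to_reference(new Server(current));

            PrintWriter pw = new PrintWriter(new FileWriter(args[0]));

            try {
                // print stringified object reference to file
                pw.println(orb.object_to_string(demo));

                // PrintWriter swallows IOExceptions; checkError() flushes
                // and reports them, so a server whose IOR never reached
                // the file does not go on running unnoticed.
                if (pw.checkError()) {
                    throw new IOException(
                            "Could not write IOR to " + args[0]);
                }
            } finally {
                // close the file even if stringifying or writing failed
                pw.close();
            }

            // wait for requests
            orb.run();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
} // Server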