in yoko-core/src/main/java/org/apache/yoko/orb/csi/CSIServerRequestInterceptor.java [63:178]
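/**
 * Inspects the SAS (Security Attribute Service) service context of an
 * incoming request and hands an EstablishContext message to
 * {@code acceptContext}.
 *
 * <p>Calls reported as local by {@code CallStatus.peekIsLocal()} are not
 * inspected. For all other calls the effective server policies are read
 * first: a {@code GSSUPPolicy} enables GSSUP authorization (and makes it
 * mandatory when its mode is {@code SecRequires}), and a
 * {@code DelegationDirectivePolicy} set to {@code Delegate} enables
 * principal identity support. A missing policy ({@code INV_POLICY} or a
 * {@code null} result) leaves the corresponding flag {@code false}.
 *
 * <p>Only a stateless {@code MTEstablishContext} message is accepted. Every
 * other SAS message type, including one this method does not recognise, is
 * rejected with {@code NO_PERMISSION} so that an unknown message can never
 * pass through unauthenticated.
 *
 * @param ri the request being dispatched
 * @throws ForwardRequest declared by the signature; nothing in this method
 *         body throws it directly
 * @throws org.omg.CORBA.NO_PERMISSION if GSSUP authorization is required
 *         but no SAS service context is present, or if the SAS message is
 *         of any type other than {@code MTEstablishContext}
 */
public void receive_request_service_contexts(ServerRequestInfo ri)
        throws ForwardRequest
{
    log.fine("receive_request_service_contexts " + ri.operation());

    if (CallStatus.peekIsLocal()) {
        log.fine("local call");
        return;
    }

    // set null subject so that we won't run in context of some
    // previous subject
    // CSISubjectInfo.clear ();
    // NOTE(review): the clear() call above is commented out, so this method
    // does not itself reset a previously established subject. Confirm that
    // the subject is reset elsewhere before a request without a SAS context
    // is dispatched.

    boolean support_gssup_authorization = false;
    boolean require_gssup_authorization = false;
    String gssup_domain = null;

    // if there is no GSSUP policy on this POA, then we won't try
    // to validate the user.
    try {
        GSSUPPolicy gp = (GSSUPPolicy) ri
                .get_server_policy(SecGSSUPPolicy.value);
        if (gp == null) {
            log.fine("null GSSUPPolicy");
        } else {
            support_gssup_authorization = true;
            if (gp.mode() == RequiresSupports.SecRequires) {
                require_gssup_authorization = true;
            }
            gssup_domain = gp.domain();
        }
    }
    catch (org.omg.CORBA.INV_POLICY ex) {
        log.log(java.util.logging.Level.FINE, "no GSSUPPolicy", ex);
    }

    boolean support_gssup_principal_identity = false;
    try {
        DelegationDirectivePolicy delegate = (DelegationDirectivePolicy) ri
                .get_server_policy(SecDelegationDirectivePolicy.value);
        if (delegate != null) {
            DelegationDirective dir = delegate.delegation_directive();
            if (dir == DelegationDirective.Delegate) {
                support_gssup_principal_identity = true;
            }
        }
    }
    catch (org.omg.CORBA.INV_POLICY ex) {
        // No delegation policy: identity support stays disabled. Logged
        // like the GSSUP lookup above so the effective policy can be
        // reconstructed from the trace.
        log.log(Level.FINE, "no DelegationDirectivePolicy", ex);
    }

    if (log.isLoggable(Level.FINE)) {
        log.fine("support gssup authorization: "
                + support_gssup_authorization);
        log.fine("require gssup authorization: "
                + require_gssup_authorization);
        log.fine("support gssup identity: "
                + support_gssup_principal_identity);
    }

    ServiceContext serviceContext;
    try {
        serviceContext = ri
                .get_request_service_context(SecurityAttributeService.value);
    }
    catch (org.omg.CORBA.BAD_PARAM ex) {
        // BAD_PARAM is treated as "the request carries no SAS context".
        serviceContext = null;
    }

    log.fine("Received request service context: " + serviceContext);

    // Mandatory authorization cannot be satisfied without a SAS context.
    if (require_gssup_authorization && serviceContext == null) {
        throw new org.omg.CORBA.NO_PERMISSION(
                "GSSUP authorization required"
                        + " (missing SAS EstablishContext message)");
    }

    SASContextBody sasBody = null;

    if (serviceContext != null) {
        sasBody = decodeSASContextBody(serviceContext);

        log.fine("received request of type "
                + sasBody.discriminator());

        switch (sasBody.discriminator()) {
        case MTCompleteEstablishContext.value:
        case MTContextError.value:
            // Unexpected
            log.severe("Unexpected message of type "
                    + sasBody.discriminator());
            throw new org.omg.CORBA.NO_PERMISSION("unexpected SAS message");

        case MTMessageInContext.value:
            log.fine("MTMessageInContext");

            throw new org.omg.CORBA.NO_PERMISSION(
                    "Stateful SAS not supported");

        case MTEstablishContext.value:
            log.fine("MTEstablishContext");
            acceptContext(ri, sasBody.establish_msg(),
                    support_gssup_authorization,
                    require_gssup_authorization,
                    support_gssup_principal_identity, gssup_domain);
            break;

        default:
            // Fail closed: without this branch an unrecognised message
            // type would fall out of the switch and the request would be
            // dispatched without acceptContext ever running, even when
            // GSSUP authorization is required.
            log.severe("Unrecognised SAS message of type "
                    + sasBody.discriminator());
            throw new org.omg.CORBA.NO_PERMISSION("unexpected SAS message");
        }
    }
}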