[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [ecf-dev] remote service call authorization implemenation
|
Hi Markus,
I've attached two patches: patch_approach1.txt contains the changes for the wrapper approach (first one described in my email), patch_approach2.txt contains the changes for the pre and post invocation hooks.
IMHO, I think second approach is better because the implementation of the IRemoteServiceCallPolicy does not need to perform the remote call.
### Eclipse Workspace Patch 1.0
#P org.eclipse.ecf.provider.remoteservice
Index: src/org/eclipse/ecf/provider/remoteservice/generic/RemoteServiceContainer.java
===================================================================
RCS file: /cvsroot/rt/org.eclipse.ecf/providers/bundles/org.eclipse.ecf.provider.remoteservice/src/org/eclipse/ecf/provider/remoteservice/generic/RemoteServiceContainer.java,v
retrieving revision 1.22
diff -u -r1.22 RemoteServiceContainer.java
--- src/org/eclipse/ecf/provider/remoteservice/generic/RemoteServiceContainer.java 4 Oct 2010 22:07:52 -0000 1.22
+++ src/org/eclipse/ecf/provider/remoteservice/generic/RemoteServiceContainer.java 6 Oct 2010 07:27:33 -0000
@@ -137,4 +137,8 @@
public IFuture asyncGetRemoteServiceReferences(ID target, ID[] idFilter, String clazz, String filter) {
return registry.asyncGetRemoteServiceReferences(target, idFilter, clazz, filter);
}
+
+ public void setRemoteServiceCallPolicy(IRemoteServiceCallPolicy policy) {
+ registry.setRemoteServiceCallPolicy(policy);
+ }
}
Index: src/org/eclipse/ecf/provider/remoteservice/generic/RegistrySharedObject.java
===================================================================
RCS file: /cvsroot/rt/org.eclipse.ecf/providers/bundles/org.eclipse.ecf.provider.remoteservice/src/org/eclipse/ecf/provider/remoteservice/generic/RegistrySharedObject.java,v
retrieving revision 1.98
diff -u -r1.98 RegistrySharedObject.java
--- src/org/eclipse/ecf/provider/remoteservice/generic/RegistrySharedObject.java 4 Oct 2010 22:07:52 -0000 1.98
+++ src/org/eclipse/ecf/provider/remoteservice/generic/RegistrySharedObject.java 6 Oct 2010 07:27:33 -0000
@@ -101,6 +101,8 @@
*/
private EventManager rsListenerDispatchEventManager;
+ protected IRemoteServiceCallPolicy remoteServiceCallPolicy;
+
public RegistrySharedObject() {
//
}
@@ -1131,6 +1133,9 @@
Response response = null;
Object result = null;
try {
+ if (remoteServiceCallPolicy != null) {
+ remoteServiceCallPolicy.preInvocationHook(localRegistration, call, responseTarget);
+ }
result = localRegistration.callService(call);
response = new Response(request.getRequestId(), result);
// Invocation target exception happens if the local method being invoked throws (cause)
@@ -1145,6 +1150,10 @@
} catch (NoClassDefFoundError e) {
response = new Response(request.getRequestId(), getSerializableException(e));
logRemoteCallException("No class def found error invoking remote service. Remote request=" + request, e); //$NON-NLS-1$
+ } finally {
+ if (remoteServiceCallPolicy != null) {
+ remoteServiceCallPolicy.postInvocationHook(localRegistration, call, responseTarget, result);
+ }
}
// Now send response back to responseTarget (original requestor)
if (respond)
@@ -1624,4 +1633,8 @@
this.connectContext = connectContext;
}
+ public void setRemoteServiceCallPolicy(IRemoteServiceCallPolicy policy) {
+ this.remoteServiceCallPolicy = policy;
+ }
+
}
#P org.eclipse.ecf.remoteservice
Index: src/org/eclipse/ecf/remoteservice/IRemoteServiceContainerAdapter.java
===================================================================
RCS file: /cvsroot/rt/org.eclipse.ecf/framework/bundles/org.eclipse.ecf.remoteservice/src/org/eclipse/ecf/remoteservice/IRemoteServiceContainerAdapter.java,v
retrieving revision 1.20
diff -u -r1.20 IRemoteServiceContainerAdapter.java
--- src/org/eclipse/ecf/remoteservice/IRemoteServiceContainerAdapter.java 4 Oct 2010 22:07:48 -0000 1.20
+++ src/org/eclipse/ecf/remoteservice/IRemoteServiceContainerAdapter.java 6 Oct 2010 07:27:34 -0000
@@ -518,4 +518,10 @@
*/
public void setConnectContextForAuthentication(IConnectContext connectContext);
+ /**
+ * Set the remote service call policy to enable authorization on remote service method calls
+ * @param policy Implementation of <code>IRemoteServiceCallPolicy</code> containing authorization specific code
+ */
+ public void setRemoteServiceCallPolicy(IRemoteServiceCallPolicy policy);
+
}
Index: src/org/eclipse/ecf/remoteservice/IRemoteServiceCallPolicy.java
===================================================================
RCS file: src/org/eclipse/ecf/remoteservice/IRemoteServiceCallPolicy.java
diff -N src/org/eclipse/ecf/remoteservice/IRemoteServiceCallPolicy.java
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ src/org/eclipse/ecf/remoteservice/IRemoteServiceCallPolicy.java 1 Jan 1970 00:00:00 -0000
@@ -0,0 +1,29 @@
+package org.eclipse.ecf.remoteservice;
+
+import org.eclipse.ecf.core.identity.ID;
+
+/**
+ * Interface providing the ability to add authorization on a remote service method call.
+ *
+ */
+public interface IRemoteServiceCallPolicy {
+ /**
+ * Method called before the remote service method call to check if the remote service method call is authorized
+ * @param registration Remote service registration
+ * @param call Remote method call
+ * @param fromID Container ID of the caller
+ * @throws Exception Authorization implementation specific exception
+ */
+ public void preInvocationHook(IRemoteServiceRegistration registration, IRemoteCall call, ID fromID) throws Exception;
+
+ /**
+ * Method called after the remote service method to clean up authorization information or to check if returned result
+ * is authorized
+ * @param registration Remote service registration
+ * @param call Remote method call
+ * @param fromID Container ID of the caller
+ * @param result Result of the remote service method call
+ * @throws Exception Authorization implementation specific exception
+ */
+ public void postInvocationHook(IRemoteServiceRegistration registration, IRemoteCall call, ID fromID, Object result) throws Exception;
+}
### Eclipse Workspace Patch 1.0
#P org.eclipse.ecf.provider.remoteservice
Index: src/org/eclipse/ecf/provider/remoteservice/generic/RemoteServiceContainer.java
===================================================================
RCS file: /cvsroot/rt/org.eclipse.ecf/providers/bundles/org.eclipse.ecf.provider.remoteservice/src/org/eclipse/ecf/provider/remoteservice/generic/RemoteServiceContainer.java,v
retrieving revision 1.22
diff -u -r1.22 RemoteServiceContainer.java
--- src/org/eclipse/ecf/provider/remoteservice/generic/RemoteServiceContainer.java 4 Oct 2010 22:07:52 -0000 1.22
+++ src/org/eclipse/ecf/provider/remoteservice/generic/RemoteServiceContainer.java 6 Oct 2010 07:04:24 -0000
@@ -137,4 +137,8 @@
public IFuture asyncGetRemoteServiceReferences(ID target, ID[] idFilter, String clazz, String filter) {
return registry.asyncGetRemoteServiceReferences(target, idFilter, clazz, filter);
}
+
+ public void setRemoteServiceCallPolicy(IRemoteServiceCallPolicy policy) {
+ registry.setRemoteServiceCallPolicy(policy);
+ }
}
Index: src/org/eclipse/ecf/provider/remoteservice/generic/RegistrySharedObject.java
===================================================================
RCS file: /cvsroot/rt/org.eclipse.ecf/providers/bundles/org.eclipse.ecf.provider.remoteservice/src/org/eclipse/ecf/provider/remoteservice/generic/RegistrySharedObject.java,v
retrieving revision 1.98
diff -u -r1.98 RegistrySharedObject.java
--- src/org/eclipse/ecf/provider/remoteservice/generic/RegistrySharedObject.java 4 Oct 2010 22:07:52 -0000 1.98
+++ src/org/eclipse/ecf/provider/remoteservice/generic/RegistrySharedObject.java 6 Oct 2010 07:04:24 -0000
@@ -101,6 +101,8 @@
*/
private EventManager rsListenerDispatchEventManager;
+ protected IRemoteServiceCallPolicy remoteServiceCallPolicy;
+
public RegistrySharedObject() {
//
}
@@ -1131,7 +1133,11 @@
Response response = null;
Object result = null;
try {
- result = localRegistration.callService(call);
+ if (remoteServiceCallPolicy != null) {
+ result = remoteServiceCallPolicy.callWithAuthorization(localRegistration, call, responseTarget);
+ } else {
+ result = localRegistration.callService(call);
+ }
response = new Response(request.getRequestId(), result);
// Invocation target exception happens if the local method being invoked throws (cause)
} catch (InvocationTargetException e) {
@@ -1624,4 +1630,8 @@
this.connectContext = connectContext;
}
+ public void setRemoteServiceCallPolicy(IRemoteServiceCallPolicy policy) {
+ this.remoteServiceCallPolicy = policy;
+ }
+
}
#P org.eclipse.ecf.remoteservice
Index: src/org/eclipse/ecf/remoteservice/IRemoteServiceContainerAdapter.java
===================================================================
RCS file: /cvsroot/rt/org.eclipse.ecf/framework/bundles/org.eclipse.ecf.remoteservice/src/org/eclipse/ecf/remoteservice/IRemoteServiceContainerAdapter.java,v
retrieving revision 1.20
diff -u -r1.20 IRemoteServiceContainerAdapter.java
--- src/org/eclipse/ecf/remoteservice/IRemoteServiceContainerAdapter.java 4 Oct 2010 22:07:48 -0000 1.20
+++ src/org/eclipse/ecf/remoteservice/IRemoteServiceContainerAdapter.java 6 Oct 2010 07:04:25 -0000
@@ -518,4 +518,10 @@
*/
public void setConnectContextForAuthentication(IConnectContext connectContext);
+ /**
+ * Set the remote service call policy to enable authorization on remote service method calls
+ * @param policy Implementation of <code>IRemoteServiceCallPolicy</code> containing authorization specific code
+ */
+ public void setRemoteServiceCallPolicy(IRemoteServiceCallPolicy policy);
+
}
Index: src/org/eclipse/ecf/remoteservice/IRemoteServiceCallPolicy.java
===================================================================
RCS file: src/org/eclipse/ecf/remoteservice/IRemoteServiceCallPolicy.java
diff -N src/org/eclipse/ecf/remoteservice/IRemoteServiceCallPolicy.java
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ src/org/eclipse/ecf/remoteservice/IRemoteServiceCallPolicy.java 1 Jan 1970 00:00:00 -0000
@@ -0,0 +1,20 @@
+package org.eclipse.ecf.remoteservice;
+
+import org.eclipse.ecf.core.identity.ID;
+
+/**
+ * Interface providing the ability to add authorization on a remote service method call.
+ *
+ */
+public interface IRemoteServiceCallPolicy {
+ /**
+ * Wrapper method of the remote method call to add authorization. The remote method call should be performed
+ * within this method.
+ * @param registration Remote service registration
+ * @param call Remote method call
+ * @param fromID Container ID of the caller
+ * @return Result of the remote service method call
+ * @throws Exception An authorization exception or any exception the remote service method call can throw
+ */
+ public Object callWithAuthorization(IRemoteServiceRegistration registration, IRemoteCall call, ID fromID) throws Exception;
+}