Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [ecf-dev] remote service call authorization implemenation

Hi Markus,
 
I've attached two patches: patch_approach1.txt contains the changes for the wrapper approach (first one described in my email), patch_approach2.txt contains the changes for the pre and post invocation hooks.
IMHO, I think second approach is better because the implementation of the IRemoteServiceCallPolicy does not need to perform the remote call.
 
 
2010/10/6 Markus Alexander Kuppe ecf-dev_eclipse.org@xxxxxxxxxxx
 
Hi Franky,

thanks for your efforts. Do you happen to have a patch already that you
could share with us. Makes it a lot easier to understand the changes. :-)

Thanks
Markus
_______________________________________________
ecf-dev mailing list
ecf-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/ecf-dev

### Eclipse Workspace Patch 1.0
#P org.eclipse.ecf.provider.remoteservice
Index: src/org/eclipse/ecf/provider/remoteservice/generic/RemoteServiceContainer.java
===================================================================
RCS file: /cvsroot/rt/org.eclipse.ecf/providers/bundles/org.eclipse.ecf.provider.remoteservice/src/org/eclipse/ecf/provider/remoteservice/generic/RemoteServiceContainer.java,v
retrieving revision 1.22
diff -u -r1.22 RemoteServiceContainer.java
--- src/org/eclipse/ecf/provider/remoteservice/generic/RemoteServiceContainer.java	4 Oct 2010 22:07:52 -0000	1.22
+++ src/org/eclipse/ecf/provider/remoteservice/generic/RemoteServiceContainer.java	6 Oct 2010 07:27:33 -0000
@@ -137,4 +137,8 @@
 	public IFuture asyncGetRemoteServiceReferences(ID target, ID[] idFilter, String clazz, String filter) {
 		return registry.asyncGetRemoteServiceReferences(target, idFilter, clazz, filter);
 	}
+
+	public void setRemoteServiceCallPolicy(IRemoteServiceCallPolicy policy) {
+		registry.setRemoteServiceCallPolicy(policy);
+	}
 }
Index: src/org/eclipse/ecf/provider/remoteservice/generic/RegistrySharedObject.java
===================================================================
RCS file: /cvsroot/rt/org.eclipse.ecf/providers/bundles/org.eclipse.ecf.provider.remoteservice/src/org/eclipse/ecf/provider/remoteservice/generic/RegistrySharedObject.java,v
retrieving revision 1.98
diff -u -r1.98 RegistrySharedObject.java
--- src/org/eclipse/ecf/provider/remoteservice/generic/RegistrySharedObject.java	4 Oct 2010 22:07:52 -0000	1.98
+++ src/org/eclipse/ecf/provider/remoteservice/generic/RegistrySharedObject.java	6 Oct 2010 07:27:33 -0000
@@ -101,6 +101,8 @@
 	 */
 	private EventManager rsListenerDispatchEventManager;
 
+	protected IRemoteServiceCallPolicy remoteServiceCallPolicy;
+
 	public RegistrySharedObject() {
 		//
 	}
@@ -1131,6 +1133,9 @@
 				Response response = null;
 				Object result = null;
 				try {
+					if (remoteServiceCallPolicy != null) {
+						remoteServiceCallPolicy.preInvocationHook(localRegistration, call, responseTarget);
+					}
 					result = localRegistration.callService(call);
 					response = new Response(request.getRequestId(), result);
 					// Invocation target exception happens if the local method being invoked throws (cause)
@@ -1145,6 +1150,10 @@
 				} catch (NoClassDefFoundError e) {
 					response = new Response(request.getRequestId(), getSerializableException(e));
 					logRemoteCallException("No class def found error invoking remote service.  Remote request=" + request, e); //$NON-NLS-1$
+				} finally {
+					if (remoteServiceCallPolicy != null) {
+						remoteServiceCallPolicy.postInvocationHook(localRegistration, call, responseTarget, result);
+					}
 				}
 				// Now send response back to responseTarget (original requestor)
 				if (respond)
@@ -1624,4 +1633,8 @@
 		this.connectContext = connectContext;
 	}
 
+	public void setRemoteServiceCallPolicy(IRemoteServiceCallPolicy policy) {
+		this.remoteServiceCallPolicy = policy;
+	}
+
 }
#P org.eclipse.ecf.remoteservice
Index: src/org/eclipse/ecf/remoteservice/IRemoteServiceContainerAdapter.java
===================================================================
RCS file: /cvsroot/rt/org.eclipse.ecf/framework/bundles/org.eclipse.ecf.remoteservice/src/org/eclipse/ecf/remoteservice/IRemoteServiceContainerAdapter.java,v
retrieving revision 1.20
diff -u -r1.20 IRemoteServiceContainerAdapter.java
--- src/org/eclipse/ecf/remoteservice/IRemoteServiceContainerAdapter.java	4 Oct 2010 22:07:48 -0000	1.20
+++ src/org/eclipse/ecf/remoteservice/IRemoteServiceContainerAdapter.java	6 Oct 2010 07:27:34 -0000
@@ -518,4 +518,10 @@
 	 */
 	public void setConnectContextForAuthentication(IConnectContext connectContext);
 
+	/**
+	 * Set the remote service call policy to enable authorization on remote service method calls
+	 * @param policy Implementation of <code>IRemoteServiceCallPolicy</code> containing authorization specific code
+	 */
+	public void setRemoteServiceCallPolicy(IRemoteServiceCallPolicy policy);
+
 }
Index: src/org/eclipse/ecf/remoteservice/IRemoteServiceCallPolicy.java
===================================================================
RCS file: src/org/eclipse/ecf/remoteservice/IRemoteServiceCallPolicy.java
diff -N src/org/eclipse/ecf/remoteservice/IRemoteServiceCallPolicy.java
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ src/org/eclipse/ecf/remoteservice/IRemoteServiceCallPolicy.java	1 Jan 1970 00:00:00 -0000
@@ -0,0 +1,29 @@
+package org.eclipse.ecf.remoteservice;
+
+import org.eclipse.ecf.core.identity.ID;
+
+/**
+ * Interface providing the ability to add authorization on a remote service method call.
+ *
+ */
+public interface IRemoteServiceCallPolicy {
+	/**
+	 * Method called before the remote service method call to check if the remote service method call is authorized
+	 * @param registration Remote service registration
+	 * @param call Remote method call
+	 * @param fromID Container ID of the caller
+	 * @throws Exception Authorization implementation specific exception
+	 */
+	public void preInvocationHook(IRemoteServiceRegistration registration, IRemoteCall call, ID fromID) throws Exception;
+
+	/**
+	 * Method called after the remote service method to clean up authorization information or to check if returned result
+	 * is authorized
+	 * @param registration Remote service registration
+	 * @param call Remote method call
+	 * @param fromID Container ID of the caller
+	 * @param result Result of the remote service method call
+	 * @throws Exception Authorization implementation specific exception
+	 */
+	public void postInvocationHook(IRemoteServiceRegistration registration, IRemoteCall call, ID fromID, Object result) throws Exception;
+}
### Eclipse Workspace Patch 1.0
#P org.eclipse.ecf.provider.remoteservice
Index: src/org/eclipse/ecf/provider/remoteservice/generic/RemoteServiceContainer.java
===================================================================
RCS file: /cvsroot/rt/org.eclipse.ecf/providers/bundles/org.eclipse.ecf.provider.remoteservice/src/org/eclipse/ecf/provider/remoteservice/generic/RemoteServiceContainer.java,v
retrieving revision 1.22
diff -u -r1.22 RemoteServiceContainer.java
--- src/org/eclipse/ecf/provider/remoteservice/generic/RemoteServiceContainer.java	4 Oct 2010 22:07:52 -0000	1.22
+++ src/org/eclipse/ecf/provider/remoteservice/generic/RemoteServiceContainer.java	6 Oct 2010 07:04:24 -0000
@@ -137,4 +137,8 @@
 	public IFuture asyncGetRemoteServiceReferences(ID target, ID[] idFilter, String clazz, String filter) {
 		return registry.asyncGetRemoteServiceReferences(target, idFilter, clazz, filter);
 	}
+
+	public void setRemoteServiceCallPolicy(IRemoteServiceCallPolicy policy) {
+		registry.setRemoteServiceCallPolicy(policy);
+	}
 }
Index: src/org/eclipse/ecf/provider/remoteservice/generic/RegistrySharedObject.java
===================================================================
RCS file: /cvsroot/rt/org.eclipse.ecf/providers/bundles/org.eclipse.ecf.provider.remoteservice/src/org/eclipse/ecf/provider/remoteservice/generic/RegistrySharedObject.java,v
retrieving revision 1.98
diff -u -r1.98 RegistrySharedObject.java
--- src/org/eclipse/ecf/provider/remoteservice/generic/RegistrySharedObject.java	4 Oct 2010 22:07:52 -0000	1.98
+++ src/org/eclipse/ecf/provider/remoteservice/generic/RegistrySharedObject.java	6 Oct 2010 07:04:24 -0000
@@ -101,6 +101,8 @@
 	 */
 	private EventManager rsListenerDispatchEventManager;
 
+	protected IRemoteServiceCallPolicy remoteServiceCallPolicy;
+
 	public RegistrySharedObject() {
 		//
 	}
@@ -1131,7 +1133,11 @@
 				Response response = null;
 				Object result = null;
 				try {
-					result = localRegistration.callService(call);
+					if (remoteServiceCallPolicy != null) {
+						result = remoteServiceCallPolicy.callWithAuthorization(localRegistration, call, responseTarget);
+					} else {
+						result = localRegistration.callService(call);
+					}
 					response = new Response(request.getRequestId(), result);
 					// Invocation target exception happens if the local method being invoked throws (cause)
 				} catch (InvocationTargetException e) {
@@ -1624,4 +1630,8 @@
 		this.connectContext = connectContext;
 	}
 
+	public void setRemoteServiceCallPolicy(IRemoteServiceCallPolicy policy) {
+		this.remoteServiceCallPolicy = policy;
+	}
+
 }
#P org.eclipse.ecf.remoteservice
Index: src/org/eclipse/ecf/remoteservice/IRemoteServiceContainerAdapter.java
===================================================================
RCS file: /cvsroot/rt/org.eclipse.ecf/framework/bundles/org.eclipse.ecf.remoteservice/src/org/eclipse/ecf/remoteservice/IRemoteServiceContainerAdapter.java,v
retrieving revision 1.20
diff -u -r1.20 IRemoteServiceContainerAdapter.java
--- src/org/eclipse/ecf/remoteservice/IRemoteServiceContainerAdapter.java	4 Oct 2010 22:07:48 -0000	1.20
+++ src/org/eclipse/ecf/remoteservice/IRemoteServiceContainerAdapter.java	6 Oct 2010 07:04:25 -0000
@@ -518,4 +518,10 @@
 	 */
 	public void setConnectContextForAuthentication(IConnectContext connectContext);
 
+	/**
+	 * Set the remote service call policy to enable authorization on remote service method calls
+	 * @param policy Implementation of <code>IRemoteServiceCallPolicy</code> containing authorization specific code
+	 */
+	public void setRemoteServiceCallPolicy(IRemoteServiceCallPolicy policy);
+
 }
Index: src/org/eclipse/ecf/remoteservice/IRemoteServiceCallPolicy.java
===================================================================
RCS file: src/org/eclipse/ecf/remoteservice/IRemoteServiceCallPolicy.java
diff -N src/org/eclipse/ecf/remoteservice/IRemoteServiceCallPolicy.java
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ src/org/eclipse/ecf/remoteservice/IRemoteServiceCallPolicy.java	1 Jan 1970 00:00:00 -0000
@@ -0,0 +1,20 @@
+package org.eclipse.ecf.remoteservice;
+
+import org.eclipse.ecf.core.identity.ID;
+
+/**
+ * Interface providing the ability to add authorization on a remote service method call.
+ *
+ */
+public interface IRemoteServiceCallPolicy {
+	/**
+	 * Wrapper method of the remote method call to add authorization. The remote method call should be performed
+	 * within this method.
+	 * @param registration Remote service registration
+	 * @param call Remote method call
+	 * @param fromID Container ID of the caller
+	 * @return Result of the remote service method call
+	 * @throws Exception An authorization exception or any exception the remote service method call can throw 
+	 */
+	public Object callWithAuthorization(IRemoteServiceRegistration registration, IRemoteCall call, ID fromID) throws Exception;
+}

Back to the top