Back to index

nordugrid-arc-nox  1.1.0~rc6
MCC.cpp
Go to the documentation of this file.
00001 #ifdef HAVE_CONFIG_H
00002 #include <config.h>
00003 #endif
00004 
00005 #include <algorithm>
00006 
00007 #include <glibmm/fileutils.h>
00008 
00009 #include <arc/message/MCC.h>
00010 
00011 namespace Arc {
00012 
00013   Logger MCC::logger(Logger::getRootLogger(), "MCC");
00014 
00015   void MCC::Next(MCCInterface *next, const std::string& label) {
00016     if (next == NULL)
00017       next_.erase(label);
00018     else
00019       next_[label] = next;
00020   }
00021 
00022   MCCInterface *MCC::Next(const std::string& label) {
00023     std::map<std::string, MCCInterface *>::iterator n = next_.find(label);
00024     if (n == next_.end())
00025       return NULL;
00026     return n->second;
00027   }
00028 
00029   void MCC::Unlink() {
00030     for (std::map<std::string, MCCInterface *>::iterator n = next_.begin();
00031          n != next_.end(); n = next_.begin())
00032       next_.erase(n);
00033   }
00034 
00035   void MCC::AddSecHandler(Config *cfg, ArcSec::SecHandler *sechandler,
00036         const std::string& label) {
00037     if (sechandler) {
00038       sechandlers_[label].push_back(sechandler);
00039       // need polishing to put the SecHandlerFactory->getinstance here
00040       XMLNode cn = (*cfg)["SecHandler"];
00041       Config cfg_(cn);
00042     }
00043   }
00044 
00045   bool MCC::ProcessSecHandlers(Message& message,
00046              const std::string& label) const {
00047     // Each MCC/Service can define security handler queues in the configuration
00048     // file, the queues have labels specified in handlers configuration 'event'
00049     // attribute.
00050     // Security handlers in one queue are called sequentially.
00051     // Each one should be configured carefully, because there can be some
00052     // relationship between them (e.g. authentication should be put in front
00053     // of authorization).
00054     // The SecHandler::Handle() only returns true/false with true meaning that
00055     // handler processed message successfuly. If SecHandler implements
00056     // authorization functionality, it returns false if message is disallowed
00057     // and true otherwise.
00058     // If any SecHandler in the handler chain produces some information which
00059     // will be used by some following handler, the information should be
00060     // stored in the attributes of message (e.g. the Identity extracted from
00061     // authentication will be used by authorization to make access control
00062     // decision).
00063     std::map<std::string, std::list<ArcSec::SecHandler *> >::const_iterator q =
00064       sechandlers_.find(label);
00065     if (q == sechandlers_.end()) {
00066       logger.msg(DEBUG,
00067      "No security processing/check requested for '%s'", label);
00068       return true;
00069     }
00070     for (std::list<ArcSec::SecHandler *>::const_iterator h = q->second.begin();
00071          h != q->second.end(); ++h) {
00072       const ArcSec::SecHandler *handler = *h;
00073       if (!handler)
00074         continue; // Shouldn't happen. Just a sanity check.
00075       if (!(handler->Handle(&message))) {
00076         logger.msg(INFO, "Security processing/check failed");
00077         return false;
00078       }
00079     }
00080     logger.msg(DEBUG, "Security processing/check passed");
00081     return true;
00082   }
00083 
00084   XMLNode MCCConfig::MakeConfig(XMLNode cfg) const {
00085     XMLNode mm = BaseConfig::MakeConfig(cfg);
00086     std::list<std::string> mccs;
00087     for (std::list<std::string>::const_iterator path = plugin_paths.begin();
00088          path != plugin_paths.end(); path++) {
00089       try {
00090         Glib::Dir dir(*path);
00091         for (Glib::DirIterator file = dir.begin(); file != dir.end(); file++) {
00092           if ((*file).substr(0, 6) == "libmcc") {
00093             std::string name = (*file).substr(6, (*file).find('.') - 6);
00094             if (std::find(mccs.begin(), mccs.end(), name) == mccs.end()) {
00095               mccs.push_back(name);
00096               cfg.NewChild("Plugins").NewChild("Name") = "mcc" + name;
00097             }
00098           }
00099           //Since the security handler could also be used by mcc like
00100           // tls and soap, putting the libarcshc here. Here we suppose
00101           // all of the sec handlers are put in libarcshc
00102           // TODO: Rewrite it to behave in generic way.
00103           //if ((*file).substr(0, 9) == "libarcshc") {
00104           //  cfg.NewChild("Plugins").NewChild("Name") = "arcshc";
00105           //}
00106         }
00107       }
00108       catch (Glib::FileError) {}
00109     }
00110     return mm;
00111   }
00112 
00113 /*
00114   SecHandlerConfig::SecHandlerConfig(XMLNode cfg) {
00115     cfg.New(cfg_);
00116     NS ns("cfg","http://www.nordugrid.org/schemas/ArcConfig/2007");
00117     cfg_.Namespaces(ns);
00118     cfg_.Name("cfg:SecHandler");
00119   }
00120 
00121   XMLNode SecHandlerConfig::MakeConfig(XMLNode cfg) const {
00122     cfg.NewChild(cfg_);
00123     return cfg;
00124   }
00125 */
00126 
00127 } // namespace Arc