public function AuthorizeAccess($resource, ORBSecurity $security)
{
$resource = ServiceRegistry::GetMapping($resource);
$accessConstraintList = $security->GetConstraints($resource);
$grantConstraints = array();
$rejectConstraints = array();
/*int*/
$currentPriority = 0;
while ($currentPriority < count($accessConstraintList)) {
/*StringCollection*/
$accessConstraintsNames = (array) $accessConstraintList[$currentPriority];
//StringCollection accessConstraintsNames = accessConstraintList[currentPriority];
foreach ($accessConstraintsNames as $constraintName) {
/*AccessConstraint*/
$constraint = $security->getAccessConstraint($constraintName);
//AccessConstraint constraint = (AccessConstraint)security.getAccessConstraint(constraintName);
if ($constraint->IsGrant()) {
array_push($grantConstraints, $constraint);
} else {
array_push($rejectConstraints, $constraint);
}
}
++$currentPriority;
}
foreach ($grantConstraints as $constraint) {
if ($constraint->Validate()) {
if (LOGGING) {
Log::log(LoggingConstants::SECURITY, "access allowed. resource name - '" . $resource . "'. reason - " . $constraint->GetReason());
}
return true;
}
}
foreach ($rejectConstraints as $constraint) {
if (!$constraint->Validate()) {
if (LOGGING) {
Log::log(LoggingConstants::SECURITY, "access denied. resource name - '" . $resource . "'. reason - " . $constraint->GetReason());
}
return false;
}
}
if ($security->GetDeploymentMode() == ORBSecurity::CLOSEDSYSTEM_MODE) {
if (LOGGING) {
Log::log(LoggingConstants::SECURITY, "access to resource " . $resource . " has been denied. WebORB Closed-System Mode requires explicit access declaration for all resources");
}
return false;
}
return true;
}
public function preConfig()
{
try {
/*DestinationManager*/
$destinationManager = $this->orbConfig->getDataServices()->getDestinationManager();
if (count(self::$services) != 0) {
for ($i = 0, $max = count(self::$services); $i < $max; $i++) {
/*String*/
$serviceId = self::$services[$i];
/*RemotingDestination*/
$remotingDestination = $destinationManager->getDestination($serviceId);
if ($remotingDestination == null) {
continue;
}
ORBSecurity::unsecureResource($remotingDestination->serviceId);
$destinationManager->removeDestination($serviceId);
$this->orbConfig->getServiceRegistry()->_removeMapping($serviceId);
}
}
} catch (Exception $exception) {
if (LOGGING) {
Log::log(LoggingConstants::EXCEPTION, $exception->getMessage());
}
}
}
public function execute(Request $request)
{
if (LOGGING) {
Log::log(LoggingConstants::DEBUG, "commandmessage " . $this->operation . " operation");
}
/*Object*/
$returnValue = null;
if ($this->operation == "0") {
/*IDestination*/
$destObj = ORBConfig::getInstance()->getDataServices()->getDestinationManager()->getDestination($this->destination);
/*Hashtable*/
$headers = array();
if ($destObj != null) {
/*String*/
$selectorName = $this->headers["DSSelector"];
/*String*/
$subtopic = $this->headers["DSSubtopic"];
/*String*/
$dsId = $this->headers["DSId"];
/*Subscriber*/
$subscriber = new Subscriber($selectorName, $destObj);
$subscriber->setDSId($dsId);
$subscriber->setSubtopic($subtopic);
$guid = new GUID();
$subscriber->setClientId($guid->toString());
SubscriptionsManager::getInstance()->addSubscriber($dsId, $subscriber);
$destObj->getServiceHandler()->handleSubscribe($subscriber);
} else {
/*String*/
$error = "Unknown destination " . $this->destination . ". Cannot handle subscription request";
if (LOGGING) {
Log::log(LoggingConstants::ERROR, $error);
}
return new ErrMessage($this->messageId, new Exception($error));
}
return new AckMessage($this->messageId, $clientId, null, $headers);
} else {
if ($this->operation == "1") {
/*String*/
$dsId = $this->headers["DSId"];
/*Subscriber*/
$subscriber = SubscriptionsManager::getInstance()->getSubscriber($dsId);
if ($subscriber == null) {
return new ErrMessage($this->messageId, new Exception("Unable to unsubscribe - unknown client"));
}
/*IDestination*/
$destination = $subscriber->getDestination();
$destination->getServiceHandler()->handleUnsubscribe($subscriber);
SubscriptionsManager::getInstance()->removeSubscriber($dsId);
} else {
if ($this->operation == "2") {
/*String*/
$dsId = $this->headers["DSId"];
/*Subscriber*/
$subscriber = SubscriptionsManager::getInstance()->getSubscriber($dsId);
if ($subscriber == null) {
/*String*/
$error = "Invalid client id " . $dsId;
if (LOGGING) {
Log::log(LoggingConstants::ERROR, $error);
}
return new ErrMessage($this->messageId, new Exception($error));
}
/*IDestination*/
$destination = $subscriber->getDestination();
//Log::log( LoggingConstants::INFO, "Getting messages from " . $destination->getServiceHandler() );
/*ArrayList*/
$messages = $destination->getServiceHandler()->getMessages($subscriber);
$subscriber->setLastRequestTime(microtime(true));
if (count($messages) == 0) {
return new AckMessage(null, null, null, array());
}
return $this->createCmdMessage("4", $messages);
} else {
if ($this->operation == "5") {
/*Hashtable*/
$headers = array();
$guid = new GUID();
$headers["DSId"] = $guid->toString();
return new AckMessage($this->messageId, $this->clientId, null, $headers);
} else {
if ($this->operation == "9") {
ThreadContext::setCallerCredentials(null);
} else {
if ($this->operation == "8") {
$arr = $this->body->getBody();
$adaptingType = $arr[0];
$authData = split(":", base64_decode($adaptingType->defaultAdapt()));
$credentials = new Credentials($authData[0], $authData[1]);
$authHandler = ORBSecurity::getAuthenticationHandler(ThreadContext::getORBConfig());
if (LOGGING) {
Log::log(LoggingConstants::DEBUG, "got auth handler " . get_class($authHandler));
}
if ($authHandler == null) {
$errorMessage = new ErrMessage($this->messageId, new ServiceException("Missing authentication handler"));
$errorMessage->faultCode = "Client.Authentication";
return $errorMessage;
}
try {
$authHandler->checkCredentials($credentials->getUserId(), $credentials->getPassword(), $request);
if (LOGGING) {
Log::log(LoggingConstants::DEBUG, "credentials are valid ");
}
ThreadContext::setCallerCredentials($credentials);
} catch (Exception $e) {
if (LOGGING) {
Log::log(LoggingConstants::EXCEPTION, "authentication exception" . $e);
}
$errorMessage = new ErrMessage($this->messageId, $e);
$errorMessage->faultCode = "Client.Authentication";
return $errorMessage;
}
return new AckMessage($this->messageId, $this->clientId, null);
}
}
}
}
}
}
//echo $this->operation; exit;
return new AckMessage($this->messageId, $this->clientId, $returnValue, array());
}
public function execute(Request $request)
{
if ("5" == $this->operation || "2" == $this->operation || "0" == $this->operation || "1" == $this->operation) {
// $bodyData = $request->getRequestBodyData();
// $namedObject = $bodyData[0];
// /*CommandMessage*/ $commandMessage = new CommandMessage($this->operation, $namedObject);
// return $commandMessage->execute($request);
} else {
if ("9" == $this->operation) {
ThreadContext::setCallerCredentials(null);
return new AckMessage($this->messageId, $this->clientId, null);
} else {
if ("8" == $this->operation) {
$arr = $this->body->getBody();
$adaptingType = $arr[0];
$authData = split(":", base64_decode($adaptingType->defaultAdapt()));
$credentials = new Credentials($authData[0], $authData[1]);
$authHandler = ORBSecurity::getAuthenticationHandler(ThreadContext::getORBConfig());
if (LOGGING) {
Log::log(LoggingConstants::DEBUG, "got auth handler " . get_class($authHandler));
}
if (LOGGING) {
Log::log(LoggingConstants::MYDEBUG, "file: 'ReqMessage.php' got auth handler " . get_class($authHandler));
}
if ($authHandler == null) {
$errorMessage = new ErrMessage($this->messageId, new ServiceException("Missing authentication handler"));
$errorMessage->faultCode = "Client.Authentication";
return $errorMessage;
}
try {
$authHandler->checkCredentials($credentials->getUserId(), $credentials->getPassword(), $request);
if (LOGGING) {
Log::log(LoggingConstants::DEBUG, "credentials are valid ");
}
ThreadContext::setCallerCredentials($credentials);
} catch (Exception $e) {
if (LOGGING) {
Log::log(LoggingConstants::EXCEPTION, "authentication exception", $e);
}
$errorMessage = new ErrMessage($this->messageId, $e);
$errorMessage->faultCode = "Client.Authentication";
return $errorMessage;
}
return new AckMessage($this->messageId, $this->clientId, null);
} else {
if (is_null($this->body->getBody())) {
$arr = array(0);
$this->body->setBody($arr);
} else {
if (!is_array($this->body->getBody())) {
$arr = array($this->body->getBody());
$this->body->setBody($arr);
}
}
try {
// Log::log(LoggingConstants::MYDEBUG, $_SESSION["credentials"]);
$resolvedName = ServiceRegistry::getMapping($this->destination);
if ($resolvedName == "*") {
$this->destination = $this->source;
}
$body = $this->body->getBody();
$returnValue = Invoker::handleInvoke($request, $this->destination, $this->operation, $body);
return new AckMessage($this->messageId, $this->clientId, $returnValue);
} catch (Exception $e) {
if (LOGGING) {
Log::log(LoggingConstants::EXCEPTION, "method invocation exception" . $e);
}
return new ErrMessage($this->messageId, $e);
}
}
}
}
}
