[Ace-users] Re: [tao-users] Getting SSL-Certificate for object
reference via SSLIOP connection
rene.lehfeld at nsn.com
rene.lehfeld at nsn.com
Mon Jun 18 12:46:50 CDT 2007
Hi Chris,
Thanks for your reply. I think you are right. From the documentation of 'Using the TAO::Transport::Current Feature', I can see that the current object can only be used within
Within Client-side interception points;
Within Server-side interception points;
Inside a Servant up-call
I tried to access the object not within any of those points. I will try within a client-side interception point. Thanks for your reply as I think it brougth me close to the solution.
Regards
René
>-----Original Message-----
>From: ext Chris Cleeland [mailto:cleeland at ociweb.com]
>Sent: Monday, 18 June, 2007 17:51
>To: Lehfeld Rene (NSN - DE/Duesseldorf)
>Cc: tao-users at cse.wustl.edu
>Subject: Re: [tao-users] Getting SSL-Certificate for object
>reference via SSLIOP connection
>
>
>On Jun 18, 2007, at 10:27 AM, <rene.lehfeld at nsn.com> wrote:
>> Does there exists a possibility to get the SSL-Certificate for an
>> object reference when connected via SSLIOP?
>
>Certificates are not associated with objects; they are
>associated with endpoints of an SSL session. You may already
>realize this, but it's a significant enough distinction that I
>wanted to point it out before you designed a system around an
>erroneous assumption.
>
>Based on that clarification, then, you want to be able to
>inspect the server-side's certificate from the client side?
>I'm not sure that's possible from application space, and,
>based on how TAO uses connections, I'm not quite sure how it
>would be possible.
>
>> It seems the SSLIOP_Current Object can only be used within a sever
>> object when a request come in. I need it in the "opposite" direction.
>
>Have you tried using a client request interceptor and
>accessing SSLIOP_Current in the send_request() interception
>point? This is the only place I can think of where it might
>work, because the ORB should have assigned a transport (i.e.,
>a connection) at that point.
>
>---
>Chris Cleeland, Principal Software Engineer
>http://www.theaceorb.com AND http://www.ociweb.com
>
>
>
More information about the Ace-users
mailing list