blob: e38028532338800b4d4021a67d6bb7201a84f448 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
// **********************************************************************
//
// Copyright (c) 2003-2004 ZeroC, Inc. All rights reserved.
//
// This copy of Ice is licensed to you under the terms described in the
// ICE_LICENSE file included in this distribution.
//
// **********************************************************************
#ifndef GLACIER2_ROUTER_ICE
#define GLACIER2_ROUTER_ICE
#include <Ice/Router.ice>
#include <Glacier2/Session.ice>
/**
*
* &Glacier2; is a firewall solution for Ice. &Glacier2; authenticates
* and filters client requests and allows callbacks to the client in a
* secure fashion. In combination with &IceSSL;, &Glacier2; provides a
* security solution that is both non-intrusive and easy to configure.
*
**/
module Glacier2
{
/**
*
* This exception is raised if a client is denied the ability to create
* a session with the router.
*
* @see Router::createSession
*
**/
exception PermissionDeniedException
{
/**
*
* The reason why permission was denied.
*
**/
string reason;
};
/**
*
* This exception is raised if a client tries to destroy a session
* with a router, but no session exists for the client.
*
* @see Router::destroySession
*
**/
exception SessionNotExistException
{
};
/**
*
* The &Glacier2; specialization of the standard &Ice; router
* interface.
*
**/
interface Router extends Ice::Router
{
/**
*
* Create a per-client session with the router. If a
* [SessionManager] has been installed, a proxy to a [Session]
* object is returned to the client. Otherwise, null is returned
* and only an internal session (i.e., not visible to the client)
* is created.
*
* @see Session
* @see SessionManager
* @see PermissionsVerifier
*
* @return A proxy for the newly created session, or null if no
* [SessionManager] has been installed.
*
* @param userId The user id for which to check the password.
*
* @param password The password for the given user id.
*
* @throws PermissionDeniedException Raised if the password for
* the given user id is not correct, or if the user is not allowed
* access.
*
* @throws CannotCreateSessionException Raised if the session
* cannot be created.
*
**/
Session* createSession(string userId, string password)
throws PermissionDeniedException, CannotCreateSessionException;
/**
*
* Destroy the calling client's session with this router.
*
* @throws SessionNotExistException Raised if no session exists
* for the calling client.
*
**/
["amd"] void destroySession()
throws SessionNotExistException;
};
/**
*
* The &Glacier2; administrative interface. This must only be
* accessible from inside the firewall.
*
**/
interface Admin
{
/**
*
* Shut down the &Glacier2; router.
*
**/
idempotent void shutdown();
};
};
#endif
|
