
Question about Ice Security

I'm trying to implement a grid-like system using Ice.

We have many enhanced nodes with dynamic component loading, but now we are puzzled about how to establish an object-operation-level ACL.

The Ice SSL plug-in can resolve the link security, and Glacier2 can handle link-level authorization as well as some more security filtering by category. But we think that's not enough.

As a first solution, I tried to set the ACL entry point in the Ice runtime, in the dispatching process. This is at line 177 of Incoming.cpp:
    else
    {
        //if (!CheckACL(_current))
        //{
        //    status = DispatchObjectNotExist;
        //}
        //else
        status = _servant->__dispatch(*this, _current);
    }

We define a struct called Token, which contains the user id as well as some user information and a digest, and we attach the token to the context. In CheckACL(_current), we can do rule filtering with user, roles, object type id, operation, etc. That's what we need. But this solution has some disadvantages. For example, we must allow some operations to do no authentication, such as Token creation functions, since these functions are there to create the Token, so there is no Token yet. Furthermore, this solution is not beautiful.

For the second solution we use Glacier2. Glacier2 is a gateway filter, and it works great. I extended the Session interface to get user information, and in ClientBlobject and ServerBlobject we use the session to get user information and do the authorization as well as type, operation, etc. The Ice implementation only filters by category. But this solution also has many disadvantages. Glacier2 is required to be the doorway between public and private, so we start all our services on 127.0.0.1 to form a private net, but that requires all clients to set a router. For now, I only know how to set one default router, but as we are implementing a grid-like system, there are many nodes and many Glaciers, so one default router does not fit. I tried to find how to write a route table as a filter ruleset, but I cannot find it. Can anyone suggest how to set a rule to use different routers? Furthermore, my services are all registered on the IcePatchRegistry, so if I start these services on 127.0.0.1, they'll register as proxies on 127.0.0.1, so it cannot work due to only one default router. But even using Glacier to guard one node's security, I think it's also an ugly solution, for it's so heavy.

Can anyone suggest another solution for Ice security? Is there any improvement in the coming IceGrid? Please tell me some information.
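
The operation-level check described in the first solution, sketched as an added example that is not part of the original post and not Ice code: a default-deny ACL with an explicit list of operations callable without a Token. The `Token`, `Rule` and `Acl` types, the type ids, operations and roles are hypothetical, and the Token's digest is assumed to have been verified before the check runs.

```cpp
#include <iostream>
#include <set>
#include <string>
#include <utility>
#include <vector>

// Token from the post, after its digest has been verified (assumed done earlier).
struct Token { std::string user; std::set<std::string> roles; };

// Allow rule: holders of `role` may call `operation` on `typeId` ("*" = any).
struct Rule { std::string role, typeId, operation; };

class Acl {
public:
    // Operations callable without a token, such as the one that issues tokens.
    void allowAnonymous(const std::string& typeId, const std::string& op) {
        anonymous_.insert(std::make_pair(typeId, op));
    }
    void allow(const Rule& r) { rules_.push_back(r); }

    // Default deny. `token` is null when the request carried no valid token.
    bool check(const std::string& typeId, const std::string& op, const Token* token) const {
        if (anonymous_.count(std::make_pair(typeId, op))) return true;
        if (!token) return false;
        for (const Rule& r : rules_)
            if (token->roles.count(r.role) && match(r.typeId, typeId) && match(r.operation, op))
                return true;
        return false;
    }
private:
    static bool match(const std::string& pattern, const std::string& value) {
        return pattern == "*" || pattern == value;
    }
    std::set<std::pair<std::string, std::string> > anonymous_;
    std::vector<Rule> rules_;
};

// Constructed sample policy; type ids, operations and roles are hypothetical.
Acl samplePolicy() {
    Acl acl;
    acl.allowAnonymous("::Grid::TokenFactory", "createToken");
    acl.allow(Rule{"admin", "*", "*"});
    acl.allow(Rule{"user", "::Grid::Node", "getStatus"});
    return acl;
}

int main() {
    Token alice{"alice", {"user"}};
    std::cout << samplePolicy().check("::Grid::Node", "shutdown", &alice) << "\n";  // prints 0 (denied)
}
```

Keeping the unauthenticated operations in an explicit list, rather than skipping the check for them in the dispatch path, means every other operation is denied unless a rule allows it.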

Comments

  • marc (Florida)
    I'm afraid a thorough answer to your questions, and to make proposals for the security concept of your grid's design, is out of the scope of the free support we can give here on this message board. However, if you have a commercial interest in this subject, and would like us to provide consulting services to you, please contact us at info@zeroc.com.
  • What a pity! Is there any security issue in the coming IceGrid?