Archived
This forum has been archived. Please start a new discussion on GitHub.
How to identify which session obejct?
in Help Center
How do I know or identify which session object servant that used when I invoke operation through routed proxy. I implement custom SessionManager & PermissionVerifier.
Example scenario:
client side doing:
- Create Session, by invoke glacier router createSession, session created successfully
- Invoke my operation eg. getAccountProfile(), my operation invoked successfully my client get his profile
on server side:
- create session with uuid inside my custom sessionmanger.
- inside operation getAccountProfile() I need to check which session that used by the client when he invoke getAccountProfile() .
Example scenario:
client side doing:
- Create Session, by invoke glacier router createSession, session created successfully
- Invoke my operation eg. getAccountProfile(), my operation invoked successfully my client get his profile
on server side:
- create session with uuid inside my custom sessionmanger.
- inside operation getAccountProfile() I need to check which session that used by the client when he invoke getAccountProfile() .
0
Comments
-
The simplest way to do this is to have the client itself call on a server hosted facade object. The server hosted facade object then invokes on the backend with whatever data is necessary to identify the client.
For example:struct AccountProfile { string accountId; // .... whatever else. }; interface AccountFacade { AccountProfile getAccountProfile(); }; interface Session { AccountFacade* getAccount(); };0 -
thank you Matthew,
With your work around example do you mean that I have to add facade proxy to my custom session (my session extend glacier2::session)?.
I think with that solution I have changes my slice definition that already published to my client, and my client have to changes their way to invoke operation. I dont' want any changes on client side.
I hope there is a way to get it from ice runtime, from Ice.Current object maybe?
My Idea is to add some information about session to Current.Context when operation Glacier2::Session create invoked, and then on my operation, eg. getAccountProfile(Ice.Current current) i retrieve information about that session.0 -
How is your slice structured? Without knowing how you have structured things it is hard to help.
If you use use SSL authentication you can use the Glacier2.AddConnectionContext property to add _con.peerCert automatically to all requests.
However, depending how your contract is structured then perhaps there is a cleaner method. For example, if you have some sort of "account" object then you can encode the users credentials in the identity of the Ice object for a given users account.interface Account { float getBalance(); };
For the account for user "matthew" then you can use an identity like:Ice::Identity id; id.category = "matthew"; id.name = "account";
Given an invocation on that object you know the credentials from the category. Now you want to restrict other users from access to this account. Glacier2 has a perfect solution to this with Dynamic Request Filtering
So in the session object you'd add a filter for the appropriate identities/categories and life is good.0
