Problem: The following exception is encountered when VisiBroker client tries to connect securely to a TAO ORB Naming Server: org.omg.CORBA.NO_PERMISSION: Cannot connect to unsecure server. Client QoP requires security vmcid: 0x0 minor code: 0 completed: No Resolution: The incompatibility issue was found in the AssociationOptions in the TAG_SSL_SEC_TRANS tag in the IOR. The AssociationOptions in the TAG in VisiBroker Naming Service's IOR: TAG_SSL_SEC_TRANS { Supports = 102 Requires = 66 Port = 33990} The AssociationOptions in the TAG in TAO Naming Service's IOR: TAG_SSL_SEC_TRANS { Supports = 166 Requires = 134 Port = 22001} It is transformed to the following: VisiBroker IOR: TAG_SSL_SEC_TRANS (Supports 102= 0000 0110 0110, Requires 66= 0000 0100 0010) TAO IOR: TAG_SSL_SEC_TRANS (Supports 166= 0000 1010 0110, Requires 134= 0000 1000 0110) These are 12 bit fields and the definitions are given in 24.9.4 of CORBA 3.0. The first 5 bits (counting from most significant) are for delegation. TAO's use of "1" in the 5th most significant bit means "No Delegation" whereas the four leading "0"s in VisiBroker IOR also imply there is no delegation. In the latter, the 5th bit is set as "0". VisiBroker Client QoP checks the NoDelegation bit in the IOR and require it to be not set. To resolve this issue, the VisiBroker client needs to set vbroker.security.client.supportNoDelegation=true to accept an IORs with 5th most significant bit set. The default value is false.
↧