Quantcast
Channel:
Viewing all articles
Browse latest Browse all 43889

Wiki Page: CORBA.NO_PERMISSION exception thrown when Visibroker client making a SSL connection with TAO ORB Naming Service

$
0
0
Problem: The following exception is encountered when VisiBroker client tries to connect securely to a TAO ORB Naming Server: org.omg.CORBA.NO_PERMISSION: Cannot connect to unsecure server. Client QoP requires security  vmcid: 0x0  minor code: 0  completed: No Resolution: The incompatibility issue was found in the AssociationOptions in the TAG_SSL_SEC_TRANS tag in the IOR. The AssociationOptions in the TAG in VisiBroker Naming Service's IOR: TAG_SSL_SEC_TRANS { Supports = 102 Requires = 66 Port = 33990} The AssociationOptions in the TAG in TAO Naming Service's IOR: TAG_SSL_SEC_TRANS { Supports = 166 Requires = 134 Port = 22001} It is transformed to the following: VisiBroker IOR: TAG_SSL_SEC_TRANS (Supports 102= 0000 0110 0110, Requires  66= 0000 0100 0010) TAO IOR: TAG_SSL_SEC_TRANS (Supports 166= 0000 1010 0110, Requires 134= 0000 1000 0110) These are 12 bit fields and the definitions are given in 24.9.4 of CORBA 3.0.  The first 5 bits (counting from most significant) are for delegation. TAO's use of "1" in the 5th most significant bit means "No Delegation" whereas the four leading "0"s in VisiBroker IOR also imply there is no delegation. In the latter, the 5th bit is set as "0". VisiBroker Client QoP checks the NoDelegation bit in the IOR and require it to be not set. To resolve this issue, the VisiBroker client needs to set vbroker.security.client.supportNoDelegation=true to accept an IORs with 5th most significant bit set.  The default value is false.

Viewing all articles
Browse latest Browse all 43889

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>