I think it would be good if the Ice registry/locator could actually lock out session allocation of objects that have already been allocated; as it stands now, it is necessary that clients respect the semantics of session allocation. My understanding is that anyone can still get an indirect proxy to an object registered with the locator, bypassing the allocation scheme. But, maybe I'm missing something with Glacier...
Results 1 to 4 of 4
Thread: Session allocation
-
07-26-2007 #1
Registered User
Name: Mark WilsonOrganization: University of RochesterProject: Omega EP laser- Join Date
- Jul 2005
- Location
- Rochester, NY
- Posts
- 100
Session allocation
Mark E. Wilson
Lead Programmer/Analyst
Omega EP Project
Laboratory for Laser Energetics (www.lle.rochester.edu)
University of Rochester
Rochester, NY 14623
-
07-26-2007 #2
ZeroC Staff
Name: Matthew NewhookOrganization: ZeroC, Inc.Project: Internet Communications Engine- Join Date
- Feb 2003
- Location
- NL, Canada
- Posts
- 1,458
If the client goes through Glacier2 then IceGrid will automatically adjust the Glacier2 filters to block access to the allocated object once its been released -- so I don't think this is a problem.
If the client doesn't go through Glacier2 then there is little that IceGrid can do. If the client has a direct proxy to the allocated object unless there is some other mechanism in place to stop access (such as SSL + authentication) then the client is free to directly connect and play with the object in question completely bypassing IceGrid.
-
08-24-2007 #3
Registered User
Name: Mark WilsonOrganization: University of RochesterProject: Omega EP laser
- Join Date
- Jul 2005
- Location
- Rochester, NY
- Posts
- 100
The problem here comes from the way our environment works. We have a lot of users who are inside the firewall that protects our laser system, and, for various reasons, all of the workstations in the system have to be within the firewall, so Glacier2 offers no completely enforceable protection against anyone "in the know" about how Ice works.
Additionally, we cannot use SSL to protect objects (please don't ask "why not?", I'll just start ranting). So, the IceGrid allocation mechanism is not as sealed up as I'd like in our environment. We don't really have to protect against malicious attackers, so it's not a total show stopper, but people do make mistakes; it would be nice to not give them the opportunity to screw up....Mark E. Wilson
Lead Programmer/Analyst
Omega EP Project
Laboratory for Laser Energetics (www.lle.rochester.edu)
University of Rochester
Rochester, NY 14623
-
08-27-2007 #4
ZeroC Staff
Name: Benoit FoucherOrganization: ZeroC, Inc.Project: Ice- Join Date
- Feb 2003
- Location
- Rennes, France
- Posts
- 2,196
Even if the locator didn't return the endpoints of non-allocated indirect object adapters, it would still be possible for a client to contact the server directly if it knows its endpoints. So this wouldn't really add much security to your application.
Doing this would also require more work for client applications as they would need to use a special "session" locator to get access to objects and indirect object adapters which they have allocated.
Cheers,
Benoit.
Reply With QuoteThread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Similar Threads
-
error: bad allocation
By arisen in forum Help CenterReplies: 6Last Post: 02-24-2009, 04:40 PM -
BasicStream allocation
By Cyril in forum Help CenterReplies: 2Last Post: 01-05-2009, 02:22 AM -
Glacier2 will block all session with callback,when a session hung.
By netfish in forum Help CenterReplies: 6Last Post: 03-14-2008, 10:38 PM -
IceGrid Allocation
By mwilson in forum Help CenterReplies: 1Last Post: 05-22-2007, 09:56 AM -
Bad Allocation on stringToProxy?
By litghost in forum Help CenterReplies: 5Last Post: 03-04-2007, 01:43 PM
