Configuring Security Plug-ins

e-docs > Tuxedo > Using Security in CORBA Applications > Configuring Security Plug-ins

Using Security in CORBA Applications

Configuring Security Plug-ins

This topic includes the Registering the Security Plug-ins (SPIs) section.

Registering the Security Plug-ins (SPIs)

The CORBA and ATMI environments in the BEA Tuxedo product use a common transaction processing (TP) infrastructure that consists of a set of core services, such as security. The TP infrastructure is available to CORBA applications through well defined interfaces. These interfaces allow system administrators to change the default behavior of the TP infrastructure by loading and linking their own service code modules, referred to as security plug-ins.

In order to use a security plug-in, you need to register the security plug-in with the BEA Tuxedo system. The registry of the BEA Tuxedo system is a disk-based repository for storing information related to the security plug-ins. Initially, this registry holds information about the default security plug-ins. Additional entries are made to the registry as custom security plug-ins are added to the BEA Tuxedo system. The registry entry for a security plug-in is a set of binary files that stores information about the plug-in. There is one registry per BEA Tuxedo installation. Every client application, server application, and server machine in a particular CORBA application must use the same set of security plug-ins.

The registry is located in the following directory:

Windows 2000

$TUXDIR\udataobj

UNIX

$TUXDIR/udataobj

The system administrator of a CORBA application in which custom security plug-ins are used is responsible for registering those plug-ins. A system administer can register security plug-ins in the registry of the BEA Tuxedo system only from the local machine. That is, a system administrator cannot register security plug-ins while logged on to the host machine from a remote location.

The following commands are available for managing security plug-ins:

epifreg—for registering a security plug-in
epifunreg—for unregistering a security plug-in
epifregedt—for editing registry information

Instructions for using these commands are available in Developing Security Services for ATMI and CORBA Environments. (This document contains the specifications for the Security SPIs, and describes the BEA Tuxedo plug-in framework feature that makes the dynamic loading and linking of security plug-ins possible.) To obtain this document, see your BEA account executive.

When installing custom security plug-ins, the security vendor that provided the plug-in should provide instructions for using the commands to set up the registry for the BEA Tuxedo system in order to access the customer security plug-ins.