Table of Contents Previous Next PDF


C++ Security Reference

C++ Security Reference
This topic contains the C++ method descriptions for CORBA security.
SecurityLevel1::Current::get_attributes
Synopsis
Returns attributes for the Current interface.
OMG IDL Definition
Security::AttributeList get_attributes(
in Security::AttributeTypeList attributes
);
};
Argument
attributes
The set of security attributes (privilege attribute types) whose values are desired. If this list is empty, all attributes are returned.
Description
This method gets privilege (and other) attributes from the principal’s credentials for the Current interface.
Return Values
The following table describes valid return values.
 
Note:
The defining_authority field is always empty. Depending on the security level defined in the UBBCONFIG file not all the values for the get_attribute method may be available. Two additional values, Group Id and Role, are available with the security level is set to ACL or MANDATORY_ACL in the UBBCONFIG file.
Note:
This information is taken from CORBAservices: Common Object Services Specification, pp. 15-103, 104. Revised Edition: March 31, 1995. Updated: November 1997. Used with permission by OMG.
SecurityLevel2::PrincipalAuthenticator::authenticate
Synopsis
Authenticates the principal and optionally obtains credentials for the principal.
OMG IDL Definition
Security::AuthenticationStatus
authenticate(
in Security::AuthenticationMethod method,
in Security::SecurityName security_name,
in Security::Opaque auth_data,
in Security::AttributeList privileges,
out Credentials creds,
out Security::Opaque continuation_data,
out Security::Opaque auth_specific_data );
Arguments
method
The security mechanism to be used. Valid values are Tobj::TuxedoSecurity and Tobj::CertificateBased.
security_name
The principal’s identification information (for example, logon information). The value must be a pointer to a NULL-terminated string containing the username of the principal. The string is limited to 30 characters, excluding the NULL character.
When using certificate authentication, this name is used to look up a certificate in the LDAP-enabled directory service. It is also used as the basis for the name of the file in which the private key is stored. For example:
milozzi@company.com is the e-mail address used to look up a certificate in the LDAP-enabled directory service and milozzi_company.pem is the name of the private key file.
auth_data
The principals’ authentication, such as their password or private key. If the Tobj:TuxedoSecurity security mechanism is specified, the value of this argument is dependent on the configured level of authentication. If the Tobj::CertificateBased argument is specified, the value of this argument is the pass phrase used to decrypt the private key of the principal.
privileges
The privilege attributes requested.
creds
The object reference of the newly created Credentials object.The object reference is not fully initialized; therefore, the object reference cannot be used until the return value of the SecurityLevel2::Current::authenticate method is SecAuthSuccess.
continuation_data
If the return value of the SecurityLevel2::Current::authenticate method is SecAuthContinue, this argument contains the challenge information for the authentication to continue. The value returned will always be empty.
auth_specific_data
Information specific to the authentication service being used. The value returned will always be empty.
Description
The SecurityLevel2::Current::authenticate method is used by the client application to authenticate the principal and optionally request privilege attributes that the principal requires during its session with the Oracle Tuxedo domain.
If the Tobj::TuxedoSecurity security mechanism is to be specified, the same functionality can be obtained by calling the Tobj::PrincipalAuthenticator::logon operation, which provides the same functionality but is specifically tailored for use with the ATMI authentication security mechanism.
Return Values
The following table describes the valid return values.
 
The authentication process was inconsistent or an error occurred during the process. Therefore, the creds argument does not contain an object reference to a Credentials object.
If the Tobj::TuxedoSecurity security mechanism is used, this return value indicates that authentication failed or that the client application was already authenticated and did not call either the Tobj::PrincipalAuthenticator::logoff or the Tobj_Bootstrap::destroy_current operation.
Indicates that the authentication procedure uses a challenge/response mechanism. The creds argument contains the object reference of a partially initialized Credentials object. The continuation_data indicates the details of the challenge.
If the Tobj::TuxedoSecurity security mechanism is used, this return value is never returned.
The CORBA::BAD_PARAM exception occurs if:
Values for the security_name, auth_data, or privileges arguments are not specified.
The value of the method argument is Tobj::TuxedoSecurity and the content of the auth_data argument contains a username or a clientname as an empty or a NULL string.
 
SecurityLevel2::Current::set_credentials
Synopsis
Sets credentials type.
OMG IDL Definition
void set_credentials(
in Security::CredentialType cred_type,
in Credentials creds
);
Arguments
cred_type
The type of credentials to be set; that is, invocation, own, or non-repudiation.
creds
The object reference to the Credentials object, which is to become the default.
Description
This method can be used only to set SecInvocationCredentials; otherwise, ­set_credentials raises CORBA::BAD_PARAM. The credentials must have been obtained from a previous call to SecurityLevel2::Current::get_credentials or SecurityLevel2::PrincipalAuthenticator::authenticate.
Return Values
None.
Note:
This information is taken from CORBAservices: Common Object Services Specification, p. 15-104. Revised Edition: March 31, 1995. Updated: November 1997. Used with permission by OMG.
SecurityLevel2::Current::get_credentials
Synopsis
Gets credentials type.
OMG IDL Definition
Credentials get_credentials(
in Security::CredentialType cred_type
);
Argument
cred_type
The type of credentials to get.
Description
This call can be used only to get SecInvocationCredentials; otherwise, get_credentials raises CORBA::BAD_PARAM. If no credentials are available, get_credentials raises CORBA::BAD_INV_ORDER.
Return Values
Returns the active credentials in the client application only.
Note:
This information is taken from CORBAservices: Common Object Services Specification, p. 15-105. Revised Edition: March 31, 1995. Updated: November 1997. Used with permission by OMG.
SecurityLevel2::Current::principal_authenticator
Synopsis
Returns the PrincipalAuthenticator.
OMG IDL Definition
readonly attribute PrincipalAuthenticator
principal_authenticator;
Description
The PrincipalAuthenticator returned by the principal_authenticator attribute is of actual type Tobj::PrincipalAuthenticator. Therefore, it can be used both as a Tobj::PrincipalAuthenticator and as a SecurityLevel2::PrincipalAuthenticator.
Note:
This method raises CORBA::BAD_INV_ORDER if it is called on an invalid SecurityCurrent object.
Return Values
Returns the PrincipalAuthenticator.
SecurityLevel2::Credentials
Synopsis
Represents a particular principal’s credential information that is specific to a process. A Credentials object that supports the SecurityLevel2::Credentials interface is a locality-constrained object. Any attempt to pass a reference to the object outside its locality, or any attempt to externalize the object using the CORBA::ORB::object_to_string() operation, results in a CORBA::Marshall exception.
OMG IDL Definition
#ifndef _SECURITY_LEVEL_2_IDL
#define _SECURITY_LEVEL_2_IDL

#include <SecurityLevel1.idl>

#pragma prefix “omg.org”

module SecurityLevel2
  {
  interface Credentials
    {
    attribute Security::AssociationOptions
                                  invocation_options_supported;
    attribute Security::AssociationOptions
                                 invocation_options_required;
Security::AttributeList
    get_attributes(
      in Security::AttributeTypeList      attributes );

    boolean
    is_valid(
      out Security::UtcT                      expiry_time );

};
  };
#endif /* _SECURITY_LEVEL_2_IDL */
C++ Declaration
class SecurityLevel2
  {
  public:
    class Credentials;
    typedef Credentials * Credentials_ptr;

  class Credentials : public virtual CORBA::Object
    {
    public:
       static Credentials_ptr _duplicate(Credentials_ptr obj);
       static Credentials_ptr _narrow(CORBA::Object_ptr obj);
       static Credentials_ptr _nil();

       virtual Security::AssociationOptions
      invocation_options_supported() = 0;
       virtual void
           invocation_options_supported(
               const Security::AssociationOptions options ) = 0;
       virtual Security::AssociationOptions
          invocation_options_required() = 0;
       virtual void
          invocation_options_required(
               const Security::AssociationOptions options ) = 0;

       virtual Security::AttributeList *
          get_attributes(
               const Security::AttributeTypeList & attributes) = 0;

       virtual CORBA::Boolean
           is_valid( Security::UtcT_out expiry_time) = 0;

     protected:
       Credentials(CORBA::Object_ptr obj = 0);
       virtual ~Credentials() { }

     private:
       Credentials( const Credentials&) { }
       void operator=(const Credentials&) { }
     }; // class Credentials
   }; // class SecurityLevel2
SecurityLevel2::Credentials::get_attributes
Synopsis
Gets the attribute list attached to the credentials.
OMG IDL Definition
Security::AttributeList get_attributes(
in AttributeTypeList attributes
);
Argument
attributes
The set of security attributes (privilege attribute types) whose values are desired. If this list is empty, all attributes are returned.
Description
This method returns the attribute list attached to the credentials of the principal. In the list of attribute types, you are required to include only the type value(s) for the attributes you want returned in the AttributeList. Attributes are not currently returned based on attribute family or identities. In most cases, this is the same result you would get if you called SecurityLevel1::Current::get_attributes(), since there is only one valid set of credentials in the principal at any instance in time. The results could be different if the credentials are not currently in use.
Return Values
Returns attribute list.
Note:
This is information taken from CORBAservices: Common Object Services Specification, p. 15-97. Revised Edition: March 31, 1995. Updated: November 1997. Used with permission by OMG.
SecurityLevel2::Credentials::invocation_options_supported
Synopsis
Indicates the maximum number of security options that can be used when establishing an SSL connection to make an invocation on an object in the Oracle Tuxedo domain.
OMG IDL Definition
attribute Security::AssociationOptions
invocation_options_supported;
Argument
None.
Description
This method should be used in conjunction with the SecurityLevel2::Credentials::invocation_options_required method.
The following security options can be specified:
 
Return Values
The list of defined security options.
If the Tobj::TuxedoSecurity security mechanism is used to create the security association, only the NoProtection, EstablishTrustInClient, and SimpleDelegation security options are returned. The EstablishTrustInClient security option appears only if the security level of the CORBA application is defined to require passwords to access the Oracle Tuxedo domain.
Note:
A CORBA::NO_PERMISSION exception is returned if the security options specified are not supported by the security mechanism defined for the CORBA application. This exception can also occur if the security options specified have less capabilities than the security options specified by the SecurityLevel2::Credentials::invocation_options_required method.
The invocation_options_supported attribute has set() and get() methods. You cannot use the set() method when using the Tobj::TuxedoSecurity security mechanism to get a Credentials object. If you do use the set() method with the Tobj::TuxedoSecurity security mechanism, a CORBA::NO_PERMISSION exception is returned.
SecurityLevel2::Credentials::invocation_options_required
Synopsis
Specifies the minimum number of security options to be used when establishing an SSL connection to make an invocation on a target object in the Oracle Tuxedo domain.
OMG IDL Definition
attribute Security::AssociationOptions
invocation_options_required;
Argument
None.
Description
Use this method to specify that communication between principals and the Oracle Tuxedo domain should be protected. After using this method, a Credentials object makes an invocation on a target object using the SSL protocol with the defined level of security options. This method should be used in conjunction with the SecurityLevel2::Credentials::invocation_options_supported method.
The following security options can be specified:
 
Return Values
The list of defined security options.
If the Tobj::TuxedoSecurity security mechanism is used to create the security association, only the NoProtection, EstablishTrustInClient, and SimpleDelegation security options are returned. The EstablishTrustInClient security option appears only if the security level of the CORBA application is defined to require passwords to access the Oracle Tuxedo domain.
Note:
A CORBA::NO_PERMISSION exception is returned if the security options specified are not supported by the security mechanism defined for the CORBA application. This exception can also occur if the security options specified have more capabilities than the security options specified by the SecurityLevel2::Credentials::invocation_options_supported method.
The invocation_options_required attribute has set() and get() methods. You cannot use the set() method when using the Tobj::TuxedoSecurity security mechanism to get a Credentials object. If you do use the set() method with the Tobj::TuxedoSecurity security mechanism, a CORBA::NO_PERMISSION exception is returned.
SecurityLevel2::Credentials::is_valid
Synopsis
Checks status of credentials.
OMG IDL Definition
boolean is_valid(
out Security::UtcT expiry_time
);
Description
This method returns TRUE if the credentials used are active at the time; that is, you did not call Tobj::PrincipalAuthenticator::logoff or Tobj_Bootstrap::destroy_current. If this method is called after Tobj::PrincipalAuthenticator::logoff(), FALSE is returned. If this method is called after Tobj_Bootstrap::destroy_current(), the CORBA::BAD_INV_ORDER exception is raised.
Return Values
The expiration date returned contains the maximum unsigned long long value in C++. Until the unsigned long long datatype is adopted, the ulonglong datatype is substituted. The ulonglong datatype is defined as follows:
// interim definition of type ulonglong pending the
// adoption of the type extension by all client ORBs.
struct ulonglong {
unsigned long low;
unsigned long high;
};
Note:
This information is taken from CORBAservices: Common Object Services Specification, p. 15-97. Revised Edition: March 31, 1995. Updated: November 1997. Used with permission by OMG.
SecurityLevel2::PrincipalAuthenticator
Synopsis
Allows a principal to be authenticated. A Principal Authenticator object that supports the SecurityLevel2::PrincipalAuthenticator interface is a locality-constrained object. Any attempt to pass a reference to the object outside its locality, or any attempt to externalize the object using the CORBA::ORB::object_to_string() operation, results in a CORBA::Marshall exception.
OMG IDL Definition
#ifndef _SECURITY_LEVEL_2_IDL
#define _SECURITY_LEVEL_2_IDL

#include <SecurityLevel1.idl>

#pragma prefix “omg.org”

module SecurityLevel2
   {
   interface PrincipalAuthenticator
      { // Locality Constrained
      Security::AuthenticationStatus authenticate (
         in Security::AuthenticationMethod method,
         in Security::SecurityName security_name,
         in Security::Opaque auth_data,
         in Security::AttributeList privileges,
         out Credentials creds,
         out Security::Opaque continuation_data,
         out Security::Opaque auth_specific_data
      );

   Security::AuthenticationStatus continue_authentication (
         in Security::Opaque response_data,
         in Credentials creds,
         out Security::Opaque continuation_data,
         out Security::Opaque auth_specific_data
      );
      };
   };
#endif // SECURITY_LEVEL_2_IDL

#pragma prefix "beasys.com"
module Tobj
   {
   const Security::AuthenticationMethod
      TuxedoSecurity = 0x54555800;
      CertificateBased = 0x43455254;
   };
C++ Declaration
class SecurityLevel2
  {
  public:
    class PrincipalAuthenticator;
    typedef PrincipalAuthenticator * PrincipalAuthenticator_ptr;
  class PrincipalAuthenticator : public virtual CORBA::Object
    {
    public:
       static PrincipalAuthenticator_ptr
         _duplicate(PrincipalAuthenticator_ptr obj);
       static PrincipalAuthenticator_ptr
         _narrow(CORBA::Object_ptr obj);
       static PrincipalAuthenticator_ptr _nil();

       virtual Security::AuthenticationStatus
            authenticate (
              Security::AuthenticationMethod method,
              const char * security_name,
              const Security::Opaque & auth_data,
              const Security::AttributeList & privileges,
              Credentials_out creds,
              Security::Opaque_out continuation_data,
              Security::Opaque_out auth_specific_data) = 0;

       virtual Security::AuthenticationStatus
          continue_authentication (
                     const Security::Opaque & response_data,
                     Credentials_ptr & creds,
                     Security::Opaque_out continuation_data,
                     Security::Opaque_out auth_specific_data) = 0;
    protected:
       PrincipalAuthenticator(CORBA::Object_ptr obj = 0);
       virtual ~PrincipalAuthenticator() { }

    private:
       PrincipalAuthenticator( const PrincipalAuthenticator&) { }
       void operator=(const PrincipalAuthenticator&) { }
     }; // class PrincipalAuthenticator
   };
SecurityLevel2::PrincipalAuthenticator::continue_authentication
Synopsis
Always fails.
OMG IDL Definition
Security::AuthenticationStatus continue_authentication(
in Security::Opaque response_data,
in Credentials    creds,
out Security::Opaque continuation_data,
out Security::Opaque auth_specific_data
);
Description
Because the Oracle Tuxedo software does authentication in one step, this method always fails and returns Security::AuthenticationStatus::SecAuthFailure.
Return Values
Always returns Security::AuthenticationStatus::SecAuthFailure.
Note:
This information is taken from CORBAservices: Common Object Services Specification, pp. 15-92, 93. Revised Edition: March 31, 1995. Updated: November 1997. Used with permission by OMG.
Tobj::PrincipalAuthenticator::get_auth_type
Synopsis
Gets the type of authentication expected by the Oracle Tuxedo domain.
OMG IDL Definition
AuthType get_auth_type();
Description
This method returns the type of authentication expected by the Oracle Tuxedo domain.
Note:
This method raises CORBA::BAD_INV_ORDER if it is called with an invalid SecurityCurrent object.
Return Values
A reference to the Tobj_AuthType enumeration. Returns the type of authentication required to access the Oracle Tuxedo domain. The following table describes the valid return values.
 
To specify this level of security, specify the NONE value for the SECURITY parameter in the RESOURCES section of the UBBCONFIG file.
To specify this level of security, specify the APP_PW value for the SECURITY parameter in the RESOURCES section of the UBBCONFIG file.
To specify this level of security, specify the USER_AUTH value for the SECURITY parameter in the RESOURCES section of the UBBCONFIG file.
Tobj::PrincipalAuthenticator::logon
Synopsis
Authenticates the principal.
OMG IDL Definition
Security::AuthenticationStatus logon(
in string user_name,
in string client_name,
in string system_password,
in string user_password,
in UserAuthData user_data
);
Arguments
user_name
The Oracle Tuxedo username. The authentication level is TOBJ_NOAUTH. If user_name is NULL or empty, or exceeds 30 characters, logon raises CORBA::BAD_PARAM.
client_name
The Oracle Tuxedo name of the client application. The authentication level is TOBJ_NOAUTH. If the client_name is NULL or empty, or exceeds 30 characters, logon raises the CORBA::BAD_PARAM exception.
system_password
The CORBA client application password. The authentication level is TOBJ_SYSAUTH. If the client name is NULL or empty, or exceeds 30 characters, logon raises the CORBA::BAD_PARAM exception.
Note:
The system_password must not exceed 30 characters.
user_password
The user password (needed for use by the default Oracle Tuxedo authentication service). The authentication level is TOBJ_APPAUTH. The password must not exceed 30 characters.
user_data
Data that is specific to the client application (needed for use by a custom Oracle Tuxedo authentication service). The authentication level is TOBJ_APPAUTH.
Note:
TOBJ_SYSAUTH includes the requirements of TOBJ_NOAUTH, plus a client application password. TOBJ_APPAUTH includes the requirements of TOBJ_SYSAUTH, plus additional information, such as a user password or user data.
Note:
The user_password and user_data arguments are mutually exclusive, depending on the requirements of the authentication service used in the configuration of the Oracle Tuxedo domain. The Oracle Tuxedo default authentication service expects a user password. A customized authentication service may require user data. The logon call raises the CORBA::BAD_PARAM exception if both user_password and user_data are specified.
Description
This method authenticates the principal via the IIOP Listener/Handler so that the principal can access an Oracle Tuxedo domain. This method is functionally equivalent to SecurityLevel2::PrincipalAuthenticator::authenticate, but the arguments are oriented to ATMI authentication.
Note:
This method raises CORBA::BAD_INV_ORDER if it is called with an invalid SecurityCurrent object.
Return Values
The following table describes the valid return values.
 
Tobj::PrincipalAuthenticator::logoff
Synopsis
Discards the security context associated with the principal.
OMG IDL Definition
void logoff();
Description
This call discards the security context, but does not close the network connections to the Oracle Tuxedo domain. Logoff also invalidates the current credentials. After logging off, invocations using existing object references fail if the authentication type is not TOBJ_NOAUTH.
If the principal is currently authenticated to an Oracle Tuxedo domain, calling Tobj_Bootstrap::destroy_current() calls logoff implicitly.
Note:
This method raises CORBA::BAD_INV_ORDER if it is called with an invalid SecurityCurrent object.
Return Values
None.
Tobj::PrincipalAuthenticator::build_auth_data
Synopsis
Creates authentication data and attributes for use by SecurityLevel2::PrincipalAuthenticator::authenticate.
OMG IDL Definition

void build_auth_data(
in string user_name,
in string client_name,
in string system_password,
in string user_password,
in UserAuthData user_data,
out Security::Opaque auth_data,
out Security::AttributeList privileges
);
Arguments
user_name
The Oracle Tuxedo username.
client_name
The CORBA client name.
system_password
The CORBA client application password.
user_password
The user password (default Oracle Tuxedo authentication service).
user_data
Client application-specific data (custom Oracle Tuxedo authentication service).
auth_data
For use by authenticate.
privileges
For use by authenticate.
Note:
If user_name, client_name, or system_password is NULL or empty, or exceeds 30 characters, the subsequent authenticate method invocation raises the CORBA::BAD_PARAM exception.
Note:
The user_password and user_data parameters are mutually exclusive, depending on the requirements of the authentication service used in the configuration of the Oracle Tuxedo domain. The Oracle Tuxedo default authentication service expects a user password. A customized authentication service may require user data. If both user_password and user_data are specified, the subsequent authentication call raises the CORBA::BAD_PARAM exception.
Description
This method is a helper function that creates authentication data and attributes to be used by SecurityLevel2::PrincipalAuthenticator::authenticate.
Note:
This method raises CORBA::BAD_INV_ORDER if it is called with an invalid SecurityCurrent object.
Return Values
None.
 

Copyright © 1994, 2017, Oracle and/or its affiliates. All rights reserved.