Using Security in CORBA Applications

     Previous  Next    Contents  Open Index in new window  View as PDF - New Window  Get Adobe Reader - New Window
Content starts here

Part I Security Concepts

Overview of the CORBA Security Features

The CORBA Security Features

The CORBA Security Environment

BEA Tuxedo Security SPIs

Introduction to the SSL Technology

The SSL Protocol

Digital Certificates

Certificate Authority

Certificate Repositories

A Public Key Infrastructure

PKCS-5 and PKCS-8 Compliance

Supported Public Key Algorithms

Supported Symmetric Key Algorithms

Supported Message Digest Algorithms

Supported Cipher Suites

Standards for Digital Certificates

Fundamentals of CORBA Security

Link-Level Encryption

How LLE Works

Encryption Key Size Negotiation

Determining min-max Values

Finding a Common Key Size

WSL/WSH Connection Timeout During Initialization

Development Process

Password Authentication

How Password Authentication Works

Development Process for Password Authentication

The SSL Protocol

How the SSL Protocol Works

Requirements for Using the SSL Protocol

Development Process for the SSL Protocol

Certificate Authentication

How Certificate Authentication Works

Development Process for Certificate Authentication

Using an Authentication Plug-in



PKI Plug-ins

Commonly Asked Questions About the CORBA Security Features

Do I Have to Change the Security in an Existing CORBA Application?

Can I Use the SSL Protocol in an Existing CORBA Application?

When Should I Use Certificate Authentication?

Part II Security Adminstration

Managing Public Key Security

Requirements for Using Public Key Security

Who Needs Digital Certificates and Private/Private Key Pairs?

Requesting a Digital Certificate

Publishing Certificates in the LDAP Directory Service

Editing the LDAP Search Filter File

Storing the Private Keys in a Common Location

Defining the Trusted Certificate Authorities

Creating a Peer Rules File

Configuring Link-Level Encryption

Understanding min and max Values

Verifying the Installed Version of LLE

Configuring LLE on CORBA Application Links

Configuring the SSL Protocol

Setting Parameters for the SSL Protocol

Defining a Port for SSL Network Connections

Enabling Host Matching

Setting the Encryption Strength

Setting the Interval for Session Renegotiation

Defining Security Parameters for the IIOP Listener/Handler

Example of Setting Parameters on the ISL System Process

Example of Setting Command-line Options on the CORBA C++ ORB

Configuring Authentication

Configuring the Authentication Server

Defining Authorized Users

Defining a Security Level

Configuring Application Password Security

Configuring Password Authentication

Sample UBBCONFIG File for Password Authentication

Configuring Certificate Authentication

Sample UBBCONFIG File for Certificate Authentication

Configuring Access Control

Configuring Optional ACL Security

Configuring Mandatory ACL Security

Setting ACL Policy Between CORBA Applications

Impersonating the Remote Domain Gateway

Example DMCONFIG Entries for ACL Policy

Configuring Security to Interoperate with Older WebLogic Enterprise Client Applications

Configuring Security Plug-ins

Registering the Security Plug-ins (SPIs)

Part III Security Programming

Writing a CORBA Application That Implements Security

Using the Bootstrapping Mechanism

Using the Host and Port Address Format

Using the corbaloc URL Address Format

Using the corbalocs URL Address Format

Using Password Authentication

The Security Sample Application

Writing the Client Application

C++ Code Example That Uses the SecurityLevel2::PrincipalAuthenticator::authenticate() Method

C++ Code Example That Uses the Tobj::PrincipalAuthenticator::logon() Method

Using Certificate Authentication

The Secure Simpapp Sample Application

Writing the CORBA Client Application

C++ Code Example of Certificate Authentication

Using the Interoperable Naming Service Mechanism

Protecting the Client Credentials

Using the Invocations_Options_Required() Method

Building and Running the CORBA Sample Applications

Building and Running the Security Sample Application

Building and Running the Secure Simpapp Sample Application

Step 1: Copy the Files for the Secure Simpapp Sample Application into a Work Directory

Step 2: Change the Protection Attribute on the Files for the Secure Simpapp Sample Application

Step 3: Verify the Settings of the Environment Variables

Step 4: Execute the runme Command

Using the Secure Simpapp Sample Application


Using ULOGS and ORB Tracing

CORBA::ORB_init Problems

Password Authentication Problems

Certificate Authentication Problems

Tobj::Bootstrap:: resolve_initial_references Problems

IIOP Listener/Handler Startup Problems

Configuration Problems

Problems with Using Callbacks Objects with the SSL Protocol

Troubleshooting Tips for Digital Certificates

Part IV Security Reference

CORBA Security APIs

The CORBA Security Model

Authentication of Principals

Controlling Access to Objects

Administrative Control

Functional Components of the CORBA Security Environment

The Principal Authenticator Object

Using the Principal Authenticator Object with Certificate Authentication

BEA Tuxedo Extensions to the Principal Authenticator Object

The Credentials Object

The SecurityCurrent Object

Security Modules

CORBA Module

TimeBase Module

Security Module

Security Level 1 Module

Security Level 2 Module

Tobj Module

C++ Security Reference

















Java Security Reference

Automation Security Reference

Method Descriptions
















  Back to Top       Previous  Next