Using Security in ATMI Applications

Introducing ATMI Security

What Security Means

Security Plug-ins

ATMI Security Capabilities

Operating System (OS) Security

Authentication

Authentication Plug-in Architecture

Understanding Delegated Trust Authentication

Establishing a Session

Getting Authorization and Auditing Tokens

Replacing Client Tokens with Server Tokens

Implementing Custom Authentication

Authorization

Authorization Plug-in Architecture

How the Authorization Plug-in Works

Default Authorization

Custom Authorization

Implementing Custom Authorization

Auditing

Auditing Plug-in Architecture

How the Auditing Plug-in Works

Default Auditing

Custom Auditing

Implementing Custom Auditing

Link-Level Encryption

How LLE Works

Encryption Key Size Negotiation

Determining Min-Max Values

Finding a Common Key Size

Backward Compatibility of LLE

Interoperating with Release 6.5 Oracle Tuxedo Software

Interoperating with Pre-Release 6.5 Oracle Tuxedo Software

WSL/WSH Connection Timeout During Initialization

SSL Encryption

How the SSL Protocol Works

Requirements for Using the SSL Protocol

Encryption Key Size Negotiation

Determining Min-Max Values

Finding a Common Key Size

Backward Compatibility of SSL

WSL/WSH Connection Timeout During Initialization

Supported Cipher Suites

SSL Installation

Public Key Security

PKCS-7 Compliant

Supported Algorithms for Public Key Security

Public Key Algorithms

Digital Signature Algorithms

Symmetric Key Algorithms

Message Digest Algorithms

Message-based Digital Signature

Digital Certificates

Certification Authority

Certificate Repositories

Public-Key Infrastructure

Message-based Encryption

Public Key Implementation

Public Key Initialization

Key Management

Certificate Lookup

Certificate Parsing

Certificate Validation

Proof Material Mapping

Implementing Custom Public Key Security

Default Public Key Implementation

Default Authentication and Authorization

Client Naming

User-Client Names

Application Key

User, Group, and ACL Files

Optional and Mandatory ACLs

Security Interoperability

Interoperating with Pre-Release 7.1 Software

Interoperability for Link-Level Encryption

Interoperability for SSL Encryption

Interoperability for Public Key Security

Security Compatibility

Mixing Default/Custom Authentication and Authorization

Mixing Default/Custom Authentication and Auditing

Compatibility Issues for Public Key Security

Compatibility/Interaction with Data-dependent Routing

Compatibility/Interaction with Threads

Compatibility/Interaction with the EventBroker

Compatibility/Interaction with /Q

Compatibility/Interaction with Transactions

Compatibility/Interaction with Domain Gateways

Compatibility/Interaction with Other Vendors’ Gateways

Denial-of-Service (DoS) Defense

Limited/Restricted Connection Numbers

Setting Up Connection Limitations/Restrictions

UBBCONFIG File

Examples

Messages

Message Sanity Check

Message Authentication Code (MAC) Usage

Performance Impact

Setting up Message Authentication Code (MAC) Usage

DMCONFIG File Configuration

MIB Configuration

MAC Negotiation

Messages

Password Pair Protection

Administering Security

What Administering Security Means

Security Administration Tasks

Setting the Oracle Tuxedo Registry

Purpose of the Oracle Tuxedo Registry

Registering Plug-ins

Configuring an ATMI Application for Security

Editing the Configuration File

Changing the TM_MIB

Using the Oracle Administration Console

Setting Up the Administration Environment

Administering Operating System (OS) Security

Recommended Practices for OS Security

Administering Authentication

Specifying Principal Names

How System Processes Acquire Credentials

Why System Processes Need Credentials

Example UBBCONFIG Entries for Principal Names

Mandating Interoperability Policy

Establishing an Identity for an Older Client

How the WSH Establishes an Identity for an Older Client

How the Domain Gateway Establishes an Identity for an Older Client

How the Server Establishes an Identity for an Older Client

Summarizing How the CLOPT -t Option Works

Example UBBCONFIG Entries for Interoperability

Establishing a Link Between Domains

Example DMCONFIG Entries for Establishing a Link

Setting ACL Policy

Impersonating the Remote Domain Gateway

Example DMCONFIG Entries for ACL Policy

Setting Credential Policy

Administering Authorization

Administering Link-Level Encryption

Understanding LLE min and max Values

Verifying the Installed LLE Version

How to Configure LLE on Workstation Client Links

How to Configure LLE on Bridge Links

How to Configure LLE on tlisten Links

How to Configure LLE on Domain Gateway Links

Administering SSL Encryption

Understanding SSL min and max Values

Verifying the Installed SSL Version

How to Configure SSL on Workstation Client Links

How to Configure SSL on Bridge Links

How to Configure SSL on tlisten Links

How to Configure SSL on Domain Gateway Links

Development Process for the SSL Protocol

Administering Public Key Security

Recommended Practices for Public Key Security

Assigning Public-Private Key Pairs

Setting Digital Signature Policy

Setting a Postdated Limit for Signature Timestamps

Example UBBCONFIG Entries for Postdated Limit

Setting a Predated Limit for Signature Timestamps

Example UBBCONFIG Entries for Predated Limit

Enforcing the Signature Policy for Incoming Messages

Qualifier

Example

How the EventBroker Signature Policy Is Enforced

How the /Q Signature Policy Is Enforced

How the Remote Client Signature Policy Is Enforced

Setting Encryption Policy

Enforcing the Encryption Policy for Incoming Messages

Qualifier

Example

How the EventBroker Encryption Policy Is Enforced

How the /Q Encryption Policy Is Enforced

How the Remote Client Encryption Policy Is Enforced

Initializing Decryption Keys Through the Plug-ins

Example UBBCONFIG Entries for Principal Names and Decryption Keys

Failure Reporting and Auditing

Digital Signature Error Handling

Encryption Error Handling

Administering Default Authentication and Authorization

Designating a Security Level

Establishing Security by Editing the Configuration File

Establishing Security by Changing the TM_MIB

Establishing Security by Using the Oracle Administration Console

Configuring the Authentication Server

How to Enable Application Password Security

How to Enable User-Level Authentication Security

Setting Up the UBBCONFIG File

Setting Up the User and Group Files

Converting System Security Data Files to Oracle Tuxedo User and Group Files

Adding, Modifying, or Deleting Users and Groups

Changing Entries for Users and Groups Through Commands

Changing Entries for Users and Groups Through the ACL_MIB

Enabling Access Control Security

How to Enable Optional ACL Security

Setting Up the UBBCONFIG File

Setting Up the ACL File

Changing ACL Entries Through Commands

Changing ACL Entries Through the ACL_MIB

How to Enable Mandatory ACL Security

Setting Up the UBBCONFIG File

Setting Up the ACL File

Using the Kerberos Authentication Plug-in

Kerberos Plug-In

Kerberos Supported Platforms

Kerberos Plug-in Features

Kerberos Plug-In Pre-configuration

Kerberos Plug-In Configuration

Configure the Kerberos Plug-in

Restore Default Plug-in

Configure KAUTHSVR

Configure Tuxedo Native Client

Limitations

See Also

Using the Cert-C PKI Encryption Plug-in

Cert-C PKI Encryption Plug-In

Cert-C PKI Encryption Plug-In Pre-configuration

Cert-C PKI Encryption Plug-In Configuration

Configure Certificate Lookup

OpenLDAP for X.509 Certificate Lookup

Configure Key Management

decPassword

privateKeyDir

Configure Certificate Parsing

Configure Certificate Validation

caCertificateFile

crlFile

Sample Registry Command File

Limitations

See Also

Programming Security

What Programming Security Means

Programming an ATMI Application with Security

Setting Up the Programming Environment

Writing Security Code So Client Programs Can Join the ATMI Application

Getting Security Data

Joining the ATMI Application

Transferring the Client Security Data

Calling a Service Request Before Joining the ATMI Application

Writing Security Code to Protect Data Integrity and Privacy

ATMI Interface for Public Key Security

Recommended Uses of Public Key Security

Sending and Receiving Signed Messages

Writing Code to Send Signed Messages

Step 1: Opening a Key Handle for Digital Signature

Step 2 (Optional): Getting Key Handle Information

Step 3 (Optional): Changing Key Handle Information

Step 4: Allocating a Buffer and Putting a Message in the Buffer

Step 5: Marking the Buffer for Digital Signature

Step 6: Sending the Message

Step 7: Closing the Signer’s Key Handle

How the System Generates a Digital Signature

Signature Timestamp

Multiple Signatures

Signed Message Content

How a Signed Message Is Received

Verifying Digital Signatures

Verifying and Transmitting an Input Buffer’s Signatures

Replacing an Output Buffer’s Signatures

Sending and Receiving Encrypted Messages

Writing Code to Send Encrypted Messages

Step 1: Opening a Key Handle for Encryption

Step 2 (Optional): Getting Key Handle Information

Step 3 (Optional): Changing Key Handle Information

Step 4: Allocating a Buffer and Putting a Message in the Buffer

Step 5: Marking the Buffer for Encryption

Step 6: Sending the Message

Step 7: Closing the Encryption Key Handle

How the System Encrypts a Message Buffer

Multiple Message Recipients

Encrypted Message Content

Writing Code to Receive Encrypted Messages

Step 1: Opening a Key Handle for Decryption

Step 2 (Optional): Getting Key Handle Information

Step 3 (Optional): Changing Key Handle Information

Step 4: Closing the Decryption Key Handle

How the System Decrypts a Message Buffer

Discarding an Input Buffer’s Encryption Envelopes

Replacing an Output Buffer’s Encryption Envelopes

Examining Digital Signature and Encryption Information

What Happens When an Originating Process Calls tpenvelope

What Happens When a Receiving Process Calls tpenvelope

Understanding the Composite Signature Status

Example Code for tpenvelope

Externalizing Typed Message Buffers

How to Create an Externalized Representation

How to Convert an Externalized Representation

Example Code for tpexport and tpimport

Implementing Single Point Security Administration

What Single Point Security Administration Means

Single Point Security Administration Tasks

Setting up LAUTHSVR as the Authentication Server

LAUTHSVR Command Line Interface

Setting Up the LAUTHSVR Configuration File

Syntax Requirements for LAUTHSVR Configuration File

LAUTHSVR Configuration File Keywords

Example LAUTHSVR Configuration File

Example UBBCONFIG Using LAUTHSVR

Using Multiple Network Addresses for High Availability

Example LAUTHSVR Configuration of Multiple Network Addresses

Configuring the Database Search Order

Example LAUTHSVR Configuration for Database Search Order

Using tpmigldap to Migrate User Information to WebLogic Server

Assigning New Passwords for the tpusr File

tpmigldap Command Line Options

Adding New Tuxedo User Information

Adding New User Information in tpusr or tpgrp

Adding New User Information Using the WebLogic Administration Console

Setting up GAUTHSVR as the Authentication Server

GAUTHSVR Command Line Interface

Setting Up the GAUTHSVR Configuration File

Syntax Requirements for GAUTHSVR Configuration File

GAUTHSVR Configuration File Keywords

Example GAUTHSVR Configuration File

Example UBBCONFIG Using GAUTHSVR

Using tpmigldif to Migrate User Information

Using tpmigldif Command Line Options

tpusr and tpgrp File Format

Assigning New Passwords for the tpusr File (Optional)

Creating a Migration Template

Supported LDAP Server Template Example