This topic contains the C++ method descriptions for CORBA security.
Returns attributes for the Current interface.
Security::AttributeList get_attributes(
in Security::AttributeTypeList attributes
);
};
attributes
This method gets privilege (and other) attributes from the principal’s credentials for the Current interface.
The following table describes valid return values.
Note: | The defining_authority field is always empty. Depending on the security level defined in the UBBCONFIG file not all the values for the get_attribute method may be available. Two additional values, Group Id and Role , are available with the security level is set to ACL or MANDATORY_ACL in the UBBCONFIG file. |
Note: | This information is taken from CORBAservices: Common Object Services Specification, pp. 15-103, 104. Revised Edition: March 31, 1995. Updated: November 1997. Used with permission by OMG. |
Authenticates the principal and optionally obtains credentials for the principal.
Security::AuthenticationStatus
authenticate(
in Security::AuthenticationMethodmethod
,
in Security::SecurityNamesecurity_name
,
in Security::Opaqueauth_data
,
in Security::AttributeListprivileges
,
out Credentialscreds
,
out Security::Opaquecontinuation_data
,
out Security::Opaqueauth_specific_data
);
method
Tobj::TuxedoSecurity
and Tobj::CertificateBased
.
security_name
milozzi@company.com
is the e-mail address used to look up a certificate in the LDAP-enabled directory service and milozzi_company.pem
is the name of the private key file.
auth_data
Tobj:TuxedoSecurity
security mechanism is specified, the value of this argument is dependent on the configured level of authentication. If the Tobj::CertificateBased
argument is specified, the value of this argument is the pass phrase used to decrypt the private key of the principal.
privileges
creds
SecurityLevel2::Current::authenticate
method is SecAuthSuccess.
continuation_data
SecurityLevel2::Current::authenticate
method is SecAuthContinue
, this argument contains the challenge information for the authentication to continue. The value returned will always be empty.
auth_specific_data
The SecurityLevel2::Current::authenticate
method is used by the client application to authenticate the principal and optionally request privilege attributes that the principal requires during its session with the Oracle Tuxedo domain.
If the Tobj::TuxedoSecurity
security mechanism is to be specified, the same functionality can be obtained by calling the Tobj::PrincipalAuthenticator::logon
operation, which provides the same functionality but is specifically tailored for use with the ATMI authentication security mechanism.
The following table describes the valid return values.
void set_credentials(
in Security::CredentialType cred_type,
in Credentials creds
);
cred_type
creds
This method can be used only to set SecInvocationCredentials
; otherwise, set_credentials
raises CORBA::BAD_PARAM
. The credentials must have been obtained from a previous call to SecurityLevel2::Current::get_credentials
or SecurityLevel2::PrincipalAuthenticator::authenticate
.
Note: | This information is taken from CORBAservices: Common Object Services Specification, p. 15-104. Revised Edition: March 31, 1995. Updated: November 1997. Used with permission by OMG. |
Credentials get_credentials(
in Security::CredentialType cred_type
);
cred_type
This call can be used only to get SecInvocationCredentials
; otherwise, get_credentials
raises CORBA::BAD_PARAM
. If no credentials are available, get_credentials
raises CORBA::BAD_INV_ORDER
.
Returns the active credentials in the client application only.
Note: | This information is taken from CORBAservices: Common Object Services Specification, p. 15-105. Revised Edition: March 31, 1995. Updated: November 1997. Used with permission by OMG. |
Returns the PrincipalAuthenticator
.
readonly attribute PrincipalAuthenticator
principal_authenticator;
The PrincipalAuthenticator
returned by the principal_authenticator
attribute is of actual type Tobj::PrincipalAuthenticator
. Therefore, it can be used both as a Tobj::PrincipalAuthenticator
and as a SecurityLevel2::PrincipalAuthenticator
.
Note: | This method raises CORBA::BAD_INV_ORDER if it is called on an invalid SecurityCurrent object. |
Returns the PrincipalAuthenticator
.
Represents a particular principal’s credential information that is specific to a process. A Credentials object that supports the SecurityLevel2::Credentials
interface is a locality-constrained object. Any attempt to pass a reference to the object outside its locality, or any attempt to externalize the object using the CORBA::ORB::object_to_string()
operation, results in a CORBA::Marshall
exception.
#ifndef _SECURITY_LEVEL_2_IDL
#define _SECURITY_LEVEL_2_IDL
#include <SecurityLevel1.idl>
#pragma prefix “omg.org”
module SecurityLevel2
{
interface Credentials
{
attribute Security::AssociationOptions
invocation_options_supported;
attribute Security::AssociationOptions
invocation_options_required;
Security::AttributeList
get_attributes(
in Security::AttributeTypeList attributes );
boolean
is_valid(
out Security::UtcT expiry_time );
};
};
#endif /* _SECURITY_LEVEL_2_IDL */
class SecurityLevel2
{
public:
class Credentials;
typedef Credentials * Credentials_ptr;
class Credentials : public virtual CORBA::Object
{
public:
static Credentials_ptr _duplicate(Credentials_ptr obj);
static Credentials_ptr _narrow(CORBA::Object_ptr obj);
static Credentials_ptr _nil();
virtual Security::AssociationOptions
invocation_options_supported() = 0;
virtual void
invocation_options_supported(
const Security::AssociationOptions options ) = 0;
virtual Security::AssociationOptions
invocation_options_required() = 0;
virtual void
invocation_options_required(
const Security::AssociationOptions options ) = 0;
virtual Security::AttributeList *
get_attributes(
const Security::AttributeTypeList & attributes) = 0;
virtual CORBA::Boolean
is_valid( Security::UtcT_out expiry_time) = 0;
protected:
Credentials(CORBA::Object_ptr obj = 0);
virtual ~Credentials() { }
private:
Credentials( const Credentials&) { }
void operator=(const Credentials&) { }
}; // class Credentials
}; // class SecurityLevel2
Gets the attribute list attached to the credentials.
Security::AttributeList get_attributes(
in AttributeTypeList attributes
);
attributes
This method returns the attribute list attached to the credentials of the principal. In the list of attribute types, you are required to include only the type value(s) for the attributes you want returned in the AttributeList
. Attributes are not currently returned based on attribute family or identities. In most cases, this is the same result you would get if you called SecurityLevel1::Current::get_attributes()
, since there is only one valid set of credentials in the principal at any instance in time. The results could be different if the credentials are not currently in use.
Note: | This is information taken from CORBAservices: Common Object Services Specification, p. 15-97. Revised Edition: March 31, 1995. Updated: November 1997. Used with permission by OMG. |
Indicates the maximum number of security options that can be used when establishing an SSL connection to make an invocation on an object in the Oracle Tuxedo domain.
attribute Security::AssociationOptions
invocation_options_supported
;
This method should be used in conjunction with the SecurityLevel2::Credentials::invocation_options_required
method.
The following security options can be specified:
The list of defined security options.
If the Tobj::TuxedoSecurity
security mechanism is used to create the security association, only the NoProtection
, EstablishTrustInClient
, and SimpleDelegation
security options are returned. The EstablishTrustInClient
security option appears only if the security level of the CORBA application is defined to require passwords to access the Oracle Tuxedo domain.
Note: | A CORBA::NO_PERMISSION exception is returned if the security options specified are not supported by the security mechanism defined for the CORBA application. This exception can also occur if the security options specified have less capabilities than the security options specified by the SecurityLevel2::Credentials::invocation_options_required method. |
Note: | The invocation_options_supported attribute has set() and get() methods. You cannot use the set() method when using the Tobj::TuxedoSecurity security mechanism to get a Credentials object. If you do use the set() method with the Tobj::TuxedoSecurity security mechanism, a CORBA::NO_PERMISSION exception is returned. |
Specifies the minimum number of security options to be used when establishing an SSL connection to make an invocation on a target object in the Oracle Tuxedo domain.
attribute Security::AssociationOptions
invocation_options_required
;
Use this method to specify that communication between principals and the Oracle Tuxedo domain should be protected. After using this method, a Credentials object makes an invocation on a target object using the SSL protocol with the defined level of security options. This method should be used in conjunction with the SecurityLevel2::Credentials::invocation_options_supported
method.
The following security options can be specified:
The list of defined security options.
If the Tobj::TuxedoSecurity
security mechanism is used to create the security association, only the NoProtection
, EstablishTrustInClient
, and SimpleDelegation
security options are returned. The EstablishTrustInClient
security option appears only if the security level of the CORBA application is defined to require passwords to access the Oracle Tuxedo domain.
Note: | A CORBA::NO_PERMISSION exception is returned if the security options specified are not supported by the security mechanism defined for the CORBA application. This exception can also occur if the security options specified have more capabilities than the security options specified by the SecurityLevel2::Credentials::invocation_options_supported method. |
Note: | The invocation_options_required attribute has set() and get() methods. You cannot use the set() method when using the Tobj::TuxedoSecurity security mechanism to get a Credentials object. If you do use the set() method with the Tobj::TuxedoSecurity security mechanism, a CORBA::NO_PERMISSION exception is returned. |
boolean is_valid(
out Security::UtcT expiry_time
);
This method returns TRUE
if the credentials used are active at the time; that is, you did not call Tobj::PrincipalAuthenticator::logoff
or Tobj_Bootstrap::destroy_curren
t. If this method is called after Tobj::PrincipalAuthenticator::logoff()
, FALSE
is returned. If this method is called after Tobj_Bootstrap::destroy_current()
, the CORBA::BAD_INV_ORDER
exception is raised.
The expiration date returned contains the maximum unsigned long long
value in C++. Until the unsigned long long
datatype is adopted, the ulonglong
datatype is substituted. The ulonglong
datatype is defined as follows:
// interim definition of type ulonglong pending the
// adoption of the type extension by all client ORBs.
struct ulonglong {
unsigned long low;
unsigned long high;
};
Note: | This information is taken from CORBAservices: Common Object Services Specification, p. 15-97. Revised Edition: March 31, 1995. Updated: November 1997. Used with permission by OMG. |
Allows a principal to be authenticated. A Principal Authenticator object that supports the SecurityLevel2::PrincipalAuthenticator
interface is a locality-constrained object. Any attempt to pass a reference to the object outside its locality, or any attempt to externalize the object using the CORBA::ORB::object_to_string()
operation, results in a CORBA::Marshall
exception.
#ifndef _SECURITY_LEVEL_2_IDL
#define _SECURITY_LEVEL_2_IDL
#include <SecurityLevel1.idl>
#pragma prefix “omg.org”
module SecurityLevel2
{
interface PrincipalAuthenticator
{ // Locality Constrained
Security::AuthenticationStatus authenticate (
in Security::AuthenticationMethod method,
in Security::SecurityName security_name,
in Security::Opaque auth_data,
in Security::AttributeList privileges,
out Credentials creds,
out Security::Opaque continuation_data,
out Security::Opaque auth_specific_data
);
Security::AuthenticationStatus continue_authentication (
in Security::Opaque response_data,
in Credentials creds,
out Security::Opaque continuation_data,
out Security::Opaque auth_specific_data
);
};
};
#endif // SECURITY_LEVEL_2_IDL
#pragma prefix "beasys.com"
module Tobj
{
const Security::AuthenticationMethod
TuxedoSecurity = 0x54555800;
CertificateBased = 0x43455254;
};
class SecurityLevel2
{
public:
class PrincipalAuthenticator;
typedef PrincipalAuthenticator * PrincipalAuthenticator_ptr;
class PrincipalAuthenticator : public virtual CORBA::Object
{
public:
static PrincipalAuthenticator_ptr
_duplicate(PrincipalAuthenticator_ptr obj);
static PrincipalAuthenticator_ptr
_narrow(CORBA::Object_ptr obj);
static PrincipalAuthenticator_ptr _nil();
virtual Security::AuthenticationStatus
authenticate (
Security::AuthenticationMethod method,
const char * security_name,
const Security::Opaque & auth_data,
const Security::AttributeList & privileges,
Credentials_out creds,
Security::Opaque_out continuation_data,
Security::Opaque_out auth_specific_data) = 0;
virtual Security::AuthenticationStatus
continue_authentication (
const Security::Opaque & response_data,
Credentials_ptr & creds,
Security::Opaque_out continuation_data,
Security::Opaque_out auth_specific_data) = 0;
protected:
PrincipalAuthenticator(CORBA::Object_ptr obj = 0);
virtual ~PrincipalAuthenticator() { }
private:
PrincipalAuthenticator( const PrincipalAuthenticator&) { }
void operator=(const PrincipalAuthenticator&) { }
}; // class PrincipalAuthenticator
};
Security::AuthenticationStatus continue_authentication(
in Security::Opaque response_data,
in Credentials creds,
out Security::Opaque continuation_data,
out Security::Opaque auth_specific_data
);
Because the Oracle Tuxedo software does authentication in one step, this method always fails and returns Security::AuthenticationStatus::SecAuthFailure
.
Always returns Security::AuthenticationStatus::SecAuthFailure
.
Note: | This information is taken from CORBAservices: Common Object Services Specification, pp. 15-92, 93. Revised Edition: March 31, 1995. Updated: November 1997. Used with permission by OMG. |
Gets the type of authentication expected by the Oracle Tuxedo domain.
AuthType get_auth_type();
This method returns the type of authentication expected by the Oracle Tuxedo domain.
Note: | This method raises CORBA::BAD_INV_ORDER if it is called with an invalid SecurityCurrent object. |
A reference to the Tobj_AuthType
enumeration. Returns the type of authentication required to access the Oracle Tuxedo domain. The following table describes the valid return values.
Security::AuthenticationStatus logon(
in string user_name,
in string client_name,
in string system_password,
in string user_password,
in UserAuthData user_data
);
user_name
is TOBJ_NOAUTH
. If user_name
is NULL or empty, or exceeds 30 characters, logon
raises CORBA::BAD_PARAM
.
client_name
TOBJ_NOAUTH
. If the client_name
is NULL or empty, or exceeds 30 characters, logon raises the CORBA::BAD_PARAM
exception.
system_password
TOBJ_SYSAUTH
. If the client name is NULL or empty, or exceeds 30 characters, logon raises the CORBA::BAD_PARAM
exception.
Note: | The system_password must not exceed 30 characters. |
user_password
TOBJ_APPAUTH
. The password must not exceed 30 characters.
user_data
TOBJ_APPAUTH
.
Note: | TOBJ_SYSAUTH includes the requirements of TOBJ_NOAUTH, plus a client application password. TOBJ_APPAUTH includes the requirements of TOBJ_SYSAUTH, plus additional information, such as a user password or user data. |
Note: | The user_password and user_data arguments are mutually exclusive, depending on the requirements of the authentication service used in the configuration of the Oracle Tuxedo domain. The Oracle Tuxedo default authentication service expects a user password. A customized authentication service may require user data. The logon call raises the CORBA::BAD_PARAM exception if both user_password and user_data are specified. |
This method authenticates the principal via the IIOP Listener/Handler so that the principal can access an Oracle Tuxedo domain. This method is functionally equivalent to SecurityLevel2::PrincipalAuthenticator::authenticate
, but the arguments are oriented to ATMI authentication.
Note: | This method raises CORBA::BAD_INV_ORDER if it is called with an invalid SecurityCurrent object. |
The following table describes the valid return values.
Discards the security context associated with the principal.
void logoff();
This call discards the security context, but does not close the network connections to the Oracle Tuxedo domain. Logoff
also invalidates the current credentials. After logging off, invocations using existing object references fail if the authentication type is not TOBJ_NOAUTH
.
If the principal is currently authenticated to an Oracle Tuxedo domain, calling Tobj_Bootstrap::destroy_current()
calls logoff
implicitly.
Note: | This method raises CORBA::BAD_INV_ORDER if it is called with an invalid SecurityCurrent object. |
Creates authentication data and attributes for use by SecurityLevel2::PrincipalAuthenticator::authenticate
.
void build_auth_data(
in string user_name,
in string client_name,
in string system_password,
in string user_password,
in UserAuthData user_data,
out Security::Opaque auth_data,
out Security::AttributeList privileges
);
Arguments
user_name
client_name
system_password
user_password
user_data
auth_data
privileges
authenticate
.
Note: | If user_name , client_name , or system_password is NULL or empty, or exceeds 30 characters, the subsequent authenticate method invocation raises the CORBA::BAD_PARAM exception. |
Note: | The user_password and user_data parameters are mutually exclusive, depending on the requirements of the authentication service used in the configuration of the Oracle Tuxedo domain. The Oracle Tuxedo default authentication service expects a user password. A customized authentication service may require user data. If both user_password and user_data are specified, the subsequent authentication call raises the CORBA::BAD_PARAM exception. |
Description
This method is a helper function that creates authentication data and attributes to be used by SecurityLevel2::PrincipalAuthenticator::authenticate
.
Note: | This method raises CORBA::BAD_INV_ORDER if it is called with an invalid SecurityCurrent object. |