Corporate Info  |  News  |  Solutions  |  Products  |  Partners  |  Services  |  Events  |  Download  |  How To Buy
	http://www.oracle.com/technology/documentation/index.html   |   Site Map   |   Search   |   PDF Files   |   Contact   |   Glossary
Tuxedo Doc Home   |   Security   |   Topic List   |   Previous   |   Next   |   Contents

   Using BEA Tuxedo Security

Client programs are responsible for gathering data from outside the application or computer, bundling the data into messages, and forwarding the messages to servers for processing. Client programs are made available to users through devices such as automatic teller machines (ATMs), data entry terminals, and graphics devices.

For default authentication and authorization, application security may be set to one of five levels. At the lowest level, no authentication is performed. At the highest level, an access control checking feature determines which users can execute a service, post an event, or enqueue (or dequeue) a message on an application queue. Setting the security level for an application is the responsibility of the application administrator.

An application programmer needs to perform two tasks so that a client program can join a BEA Tuxedo application:

• Get the security data for the specific client process

• Pass that data to the BEA Tuxedo system

The following pseudo-code summarizes the operation of a basic client program. The security-related statements are highlighted in bold.

main()
  {
            call tpchkauth() to check security level of application
            get usrname, cltname
            prompt for application password
            prompt for per-user password
            allocate a TPINIT buffer
            place initial client identification into TPINIT buffer
            call tpinit() to enroll as a client of the application
            allocate buffer
            do while true {
                      place user input in buffer
                      send service request
                      receive reply
                      pass reply to user }
            leave application
  }

Most of the statements in the preceding listing are implemented by ATMI functions in either C or COBOL. The preceding listing shows only the C language implementation.

A client program written in C uses tpinit(3c) to comply with the level of security set for the application and to join the application. The argument to tpinit() is a pointer to a TPINIT buffer. To perform the same tasks in a COBOL application, a client program calls TPINITIALIZE(3cbl), specifying a pointer to a TPINFDEF-REC record as an argument.

• Getting Security Data

• Joining the Application

• Writing Clients in Programming a BEA Tuxedo Application Using C and Programming a BEA Tuxedo Application Using COBOL

• tpinit(3c) in BEA Tuxedo C Function Reference

• TPINITIALIZE(3cbl) in BEA Tuxedo COBOL Function Reference

• Administering Public Key Security

• Administering Authorization

• Default Authentication and Authorization

• Programming an Application with Security