|
|
Using Security in CORBA Applications
This document provides an introduction to concepts associated with the BEA Tuxedo® security features, a description of how to secure your CORBA applications using the security features, and a guide to the use of the application programming interfaces (APIs) in the CORBA Security Service.
Overview of the CORBA Security Features
The CORBA Security Environment
Single Sign-on in the CORBA Security Environment
Introduction to the SSL Technology
Supported Public Key Algorithms
Supported Symmetric Key Algorithms
Supported Message Digest Algorithms
Standards for Digital Certificates
Fundamentals of CORBA Security
Encryption Key Size Negotiation
WSL/WSH Connection Timeout During Initialization
How Password Authentication Works
Development Process for Password Authentication
Requirements for Using the SSL Protocol
Development Process for the SSL Protocol
How Certificate Authentication Works
Development Process for Certificate Authentication
Using an Authentication Plug-in
Commonly Asked Questions About the CORBA Security Features
Do I Have to Change the Security in an Existing CORBA Application?
Can I Use the SSL Protocol in an Existing CORBA Application?
When Should I Use Certificate Authentication?
Requirements for Using Public Key Security
Who Needs Digital Certificates and Private/Private Key Pairs?
Requesting a Digital Certificate
Publishing Certificates in the LDAP Directory Service
Editing the LDAP Search Filter File
Storing the Private Keys in a Common Location
Defining the Trusted Certificate Authorities
Configuring Link-Level Encryption
Understanding min and max Values
Verifying the Installed Version of LLE
Configuring LLE on CORBA Application Links
Setting Parameters for the SSL Protocol
Defining a Port for SSL Network Connections
Setting the Encryption Strength
Setting the Interval for Session Renegotiation
Defining Security Parameters for the IIOP Listener/Handler
Example of Setting Parameters on the ISL System Process
Example of Setting Command-line Options on the CORBA C++ ORB
Configuring the Authentication Server
Configuring Application Password Security
Configuring Password Authentication
Sample UBBCONFIG File for Password Authentication
Configuring Certificate Authentication
Sample UBBCONFIG File for Certificate Authentication
Configuring Optional ACL Security
Configuring Mandatory ACL Security
Setting ACL Policy Between CORBA Applications
Configuring Security to Interoperate with Older WebLogic Enterprise Client Applications
Single Sign-on with Password Authentication
Single Sign-on with Password Authentication and the SSL Protocol
Single Sign-on with the SSL Protocol and Certificate Authentication
Registering the Security Plug-ins (SPIs)
Writing a CORBA Application That Implements Security
Using the Bootstrapping Mechanism
Using the Host and Port Address Format
Using the corbaloc URL Address Format
Using the corbalocs URL Address Format
The Security Sample Application
Writing the Client Application
Using Certificate Authentication
The Secure Simpapp Sample Application
Writing the CORBA Client Application
Using the Interoperable Naming Service Mechanism
Using the Invocations_Options_Required() Method
Building and Running the CORBA Sample Applications
Building and Running the Security Sample Application
Building and Running the Secure Simpapp Sample Application
Step 1: Copy the Files for the Secure Simpapp Sample Application into a Work Directory
Step 2: Change the Protection Attribute on the Files for the Secure Simpapp Sample Application
Step 3: Verify the Settings of the Environment Variables
Step 4: Execute the runme Command
Using the Secure Simpapp Sample Application
Password Authentication Problems
Certificate Authentication Problems
Tobj::Bootstrap::
resolve_initial_references Problems
IIOP Listener/Handler Startup Problems
Problems with Using Callbacks Objects with the SSL Protocol
Troubleshooting Tips for Digital Certificates
Functional Components of the CORBA Security Environment
The Principal Authenticator Object
Using the Principal Authenticator Object with Certificate Authentication
BEA Tuxedo Extensions to the Principal Authenticator Object
SecurityLevel1::Current::get_attributes
SecurityLevel2::PrincipalAuthenticator::authenticate
SecurityLevel2::Current::set_credentials
SecurityLevel2::Current::get_credentials
SecurityLevel2::Current::principal_authenticator
SecurityLevel2::Credentials::get_attributes
SecurityLevel2::Credentials::invocation_options_supported
SecurityLevel2::Credentials::invocation_options_required
SecurityLevel2::Credentials::is_valid
SecurityLevel2::PrincipalAuthenticator
SecurityLevel2::PrincipalAuthenticator::continue_authentication
Tobj::PrincipalAuthenticator::get_auth_type
Tobj::PrincipalAuthenticator::logon
Tobj::PrincipalAuthenticator::logoff
Tobj::PrincipalAuthenticator::build_auth_data
DISecurityLevel2_Current.get_attributes
DISecurityLevel2_Current.set_credentials
DISecurityLevel2_Current.get_credentials
DISecurityLevel2_Current.principal_authenticator
DITobj_PrincipalAuthenticator.authenticate
DITobj_PrincipalAuthenticator.build_auth_data
DITobj_PrincipalAuthenticator.continue_authentication
DITobj_PrincipalAuthenticator.get_auth_type
DITobj_PrincipalAuthenticator.logon
DITobj_PrincipalAuthenticator.logoff
DISecurityLevel2_Credentials.get_attributes
DISecurityLevel2_Credentials.is_valid
|
Copyright © 2001 BEA Systems, Inc. All rights reserved.
|