Using Security in CORBA Applications
|
 |
 |
|
|
 |
 |
SecurityLevel2::Credentials::is_valid
Synopsis
OMG IDL Definition
boolean is_valid(
out Security::UtcT expiry_time
);
Description
This method returns TRUE if the credentials used are active at the time; that is, you did not call Tobj::PrincipalAuthenticator::logoff or Tobj_Bootstrap::destroy_current. If this method is called after Tobj::PrincipalAuthenticator::logoff(), FALSE is returned. If this method is called after Tobj_Bootstrap::destroy_current(), the CORBA::BAD_INV_ORDER exception is raised.
Return Values
The expiration date returned contains the maximum unsigned long long value in C++. Until the unsigned long long datatype is adopted, the ulonglong datatype is substituted. The ulonglong datatype is defined as follows:
// interim definition of type ulonglong pending the
// adoption of the type extension by all client ORBs.
struct ulonglong {
unsigned long low;
unsigned long high;
};
Note: This information is taken from CORBAservices: Common Object Services Specification, p. 15-97. Revised Edition: March 31, 1995. Updated: November 1997. Used with permission by OMG.
SecurityLevel2::PrincipalAuthenticator
Synopsis
Allows a principal to be authenticated. A Principal Authenticator object that supports the SecurityLevel2::PrincipalAuthenticator interface is a locality-constrained object. Any attempt to pass a reference to the object outside its locality, or any attempt to externalize the object using the CORBA::ORB::object_to_string() operation, results in a CORBA::Marshall exception.
OMG IDL Definition
#ifndef _SECURITY_LEVEL_2_IDL
#define _SECURITY_LEVEL_2_IDL
#include <SecurityLevel1.idl>
#pragma prefix "omg.org"
module SecurityLevel2
{
interface PrincipalAuthenticator
{ // Locality Constrained
Security::AuthenticationStatus authenticate (
in Security::AuthenticationMethod method,
in Security::SecurityName security_name,
in Security::Opaque auth_data,
in Security::AttributeList privileges,
out Credentials creds,
out Security::Opaque continuation_data,
out Security::Opaque auth_specific_data
);
Security::AuthenticationStatus continue_authentication (
in Security::Opaque response_data,
in Credentials creds,
out Security::Opaque continuation_data,
out Security::Opaque auth_specific_data
);
};
};
#endif // SECURITY_LEVEL_2_IDL
#pragma prefix "beasys.com"
module Tobj
{
const Security::AuthenticationMethod
TuxedoSecurity = 0x54555800;
CertificateBased = 0x43455254;
};
C++ Declaration
class SecurityLevel2
{
public:
class PrincipalAuthenticator;
typedef PrincipalAuthenticator * PrincipalAuthenticator_ptr;
class PrincipalAuthenticator : public virtual CORBA::Object
{
public:
static PrincipalAuthenticator_ptr
_duplicate(PrincipalAuthenticator_ptr obj);
static PrincipalAuthenticator_ptr
_narrow(CORBA::Object_ptr obj);
static PrincipalAuthenticator_ptr _nil();
virtual Security::AuthenticationStatus
authenticate (
Security::AuthenticationMethod method,
const char * security_name,
const Security::Opaque & auth_data,
const Security::AttributeList & privileges,
Credentials_out creds,
Security::Opaque_out continuation_data,
Security::Opaque_out auth_specific_data) = 0;
virtual Security::AuthenticationStatus
continue_authentication (
const Security::Opaque & response_data,
Credentials_ptr & creds,
Security::Opaque_out continuation_data,
Security::Opaque_out auth_specific_data) = 0;
protected:
PrincipalAuthenticator(CORBA::Object_ptr obj = 0);
virtual ~PrincipalAuthenticator() { }
private:
PrincipalAuthenticator( const PrincipalAuthenticator&) { }
void operator=(const PrincipalAuthenticator&) { }
}; // class PrincipalAuthenticator
};
