Using Security in CORBA Applications
boolean is_valid(
out Security::UtcT expiry_time
);
This method returns TRUE
if the credentials used are active at the time; that is, you did not call Tobj::PrincipalAuthenticator::logoff
or Tobj_Bootstrap::destroy_curren
t. If this method is called after Tobj::PrincipalAuthenticator::logoff()
, FALSE
is returned. If this method is called after Tobj_Bootstrap::destroy_current()
, the CORBA::BAD_INV_ORDER
exception is raised.
The expiration date returned contains the maximum unsigned long long
value in C++. Until the unsigned long long
datatype is adopted, the ulonglong
datatype is substituted. The ulonglong
datatype is defined as follows:
// interim definition of type ulonglong pending the
// adoption of the type extension by all client ORBs.
struct ulonglong {
unsigned long low;
unsigned long high;
};
Note: This information is taken from CORBAservices: Common Object Services Specification, p. 15-97. Revised Edition: March 31, 1995. Updated: November 1997. Used with permission by OMG.
Allows a principal to be authenticated. A Principal Authenticator object that supports the SecurityLevel2::PrincipalAuthenticator
interface is a locality-constrained object. Any attempt to pass a reference to the object outside its locality, or any attempt to externalize the object using the CORBA::ORB::object_to_string()
operation, results in a CORBA::Marshall
exception.
#ifndef _SECURITY_LEVEL_2_IDL
#define _SECURITY_LEVEL_2_IDL
#include <SecurityLevel1.idl>
#pragma prefix "omg.org"
module SecurityLevel2
{
interface PrincipalAuthenticator
{ // Locality Constrained
Security::AuthenticationStatus authenticate (
in Security::AuthenticationMethod method,
in Security::SecurityName security_name,
in Security::Opaque auth_data,
in Security::AttributeList privileges,
out Credentials creds,
out Security::Opaque continuation_data,
out Security::Opaque auth_specific_data
);
Security::AuthenticationStatus continue_authentication (
in Security::Opaque response_data,
in Credentials creds,
out Security::Opaque continuation_data,
out Security::Opaque auth_specific_data
);
};
};
#endif // SECURITY_LEVEL_2_IDL
#pragma prefix "beasys.com"
module Tobj
{
const Security::AuthenticationMethod
TuxedoSecurity = 0x54555800;
CertificateBased = 0x43455254;
};
class SecurityLevel2
{
public:
class PrincipalAuthenticator;
typedef PrincipalAuthenticator * PrincipalAuthenticator_ptr;
class PrincipalAuthenticator : public virtual CORBA::Object
{
public:
static PrincipalAuthenticator_ptr
_duplicate(PrincipalAuthenticator_ptr obj);
static PrincipalAuthenticator_ptr
_narrow(CORBA::Object_ptr obj);
static PrincipalAuthenticator_ptr _nil();
virtual Security::AuthenticationStatus
authenticate (
Security::AuthenticationMethod method,
const char * security_name,
const Security::Opaque & auth_data,
const Security::AttributeList & privileges,
Credentials_out creds,
Security::Opaque_out continuation_data,
Security::Opaque_out auth_specific_data) = 0;
virtual Security::AuthenticationStatus
continue_authentication (
const Security::Opaque & response_data,
Credentials_ptr & creds,
Security::Opaque_out continuation_data,
Security::Opaque_out auth_specific_data) = 0;
protected:
PrincipalAuthenticator(CORBA::Object_ptr obj = 0);
virtual ~PrincipalAuthenticator() { }
private:
PrincipalAuthenticator( const PrincipalAuthenticator&) { }
void operator=(const PrincipalAuthenticator&) { }
}; // class PrincipalAuthenticator
};