3 — Operations on SecurityAdmin Interfaces

[Previous] [Next] [Table of Contents] [Index]

The following operations for SecurityAdmin interfaces are available to security-aware applications:

3.1 Operations on the AuditPolicy Interface
3.2 Operations on the DelegationPolicy Interface
3.3 Operations on the DomainAccessPolicy Interface
3.4 Operations on the SecureInvocationPolicy Interface

3.1 Operations on the AuditPolicy Interface

Applications can use the operations in the SecurityAdmin::AuditPolicy interface to specify client, target, and application events that should be audited. You configure the conditions that trigger auditing on a per-domain basis. When queried by the audit_needed operation (see the audit_needed on page 20), the AuditPolicy object returns True or False based on the conditions you set.

The AuditPolicy interface supports the following operations:

clear_audit_selectors
get_audit_selectors
replace_audit_selectors
set_audit_channel
set_audit_selectors

clear_audit_selectors

The clear_audit_selectors operation clears all of the audit selectors for the audit events you specify.

Syntax

IDL

void clear_audit_selectors( in CORBA::RepositoryId interface_name, in Security::AuditEventTypeList events );

Java

void clear_audit_selectors( java.lang.String interface_name, org.omg.Security.AuditEventType[] events );

IDL	void clear_audit_selectors( in CORBA::RepositoryId interface_name, in Security::AuditEventTypeList events );
Java	void clear_audit_selectors( java.lang.String interface_name, org.omg.Security.AuditEventType[] events );

IDL	void get_audit_selectors( in CORBA::RepositoryId interface_name, in Security::AuditEventType event_type out Security::SelectorValueList selectors out Security::AuditCombinator audit_combinator );
Java	void get_audit_selectors( java.lang.String interface_name, org.omg.Security.AuditEventType event_type, org.omg.Security.SelectorValueListHolder selectors, org.omg.Security.AuditCombinatorHolder audit_combinator );

Parameters

interface_name

Interface whose selector values you are requesting. This must not be set to Null.

event_type

Type of event whose selector values you are requesting. Specify a family ID and type ID for event types. This must not be set to All.

selectors

SelectorValueList data type. List of selector values for the event_type you specified. These may originate from a higher-level domain. If no selectors exist, this operation searches for base-classes for the specified interface, and returns the first set of selectors it finds. Settings for the interface override settings for the base-class, even if the base-class settings are in a higher-level domain.

audit_combinator

AuditCombinator data type. Audit combinator for the event_type you specified. Possible values include:

SecAllSelectors — If all of the selector values input by the audit_needed operation match the selectors you define, then audit the event.
SecAnySelectors — If any of the selector values input by the audit_needed operation match the selectors you define, then audit the event.

Return Value

None.

replace_audit_selectors

The replace_audit_selectors operation replaces the selectors that you specify.

Syntax

IDL

void replace_audit_selectors( in CORBA::RepositoryID object_type, in Security::AuditEventTypeList events, in Security::SelectorValueList selectors in Security::AuditCombinator audit_combinator );

Java

void replace_audit_selectors( java.lang.String object_type, org.omg.Security.AuditEventType[] events, org.omg.Security.SelectorValue[] selectors, org.omg.Security.AuditCombinator audit_combinator );

IDL	void replace_audit_selectors( in CORBA::RepositoryID object_type, in Security::AuditEventTypeList events, in Security::SelectorValueList selectors in Security::AuditCombinator audit_combinator );
Java	void replace_audit_selectors( java.lang.String object_type, org.omg.Security.AuditEventType[] events, org.omg.Security.SelectorValue[] selectors, org.omg.Security.AuditCombinator audit_combinator );

Parameters

Refer to the set_audit_selectors on page 49 for selectors and values of these parameters.

object_type

CORBA::RepositoryId data type. Interface whose audit selectors you are replacing.

events

AuditEventTypeList data type. Type of event whose audit selectors you are replacing.

selectors

SelectorValueList data type. New selector values you are implementing.

audit_combinator

AuditCombinator data type. Determines how selectors are compared.

Return Value

None.

set_audit_channel

The set_audit_channel operation specifies the audit channel over which audit records are sent. The audit channel object that corresponds to the audit_channel_ID is retrieved by the corresponding AuditDecision object.

NetCrusader/CORBA supports the SecurityExtension::LogFile audit channel identifier.

Syntax

IDL

void set_audit_channel( in Security::AuditChannelId audit_channel_id );

Java

void set_audit_channel( int audit_channel_id );

IDL	void set_audit_channel( in Security::AuditChannelId audit_channel_id );
Java	void set_audit_channel( int audit_channel_id );

Parameters

audit_channel_id

AuditChannelId data type. Audit trail that the system should use. NetCrusader/CORBA supports the value:

1 (LogFile) — Write auditable events to a local log file.

If no audit_channel_id is set, the system converts the setting at runtime to LogFile.

Return Value

None.

set_audit_selectors

The set_audit_selectors operation defines the selectors used to make audit decisions.

Syntax

IDL

void set_audit_selectors( in CORBA::RepositoryID interface_name, in Security::AuditEventTypeList events, in Security::SelectorValueList selectors, in Security::AuditCombinator audit_combinator );

Java

void set_audit_selectors( java.lang.String interface_name, org.omg.Security.AuditEventType[] events, org.omg.Security.SelectorValue[] selectors, org.omg.Security.AuditCombinator audit_combinator );

IDL	void set_audit_selectors( in CORBA::RepositoryID interface_name, in Security::AuditEventTypeList events, in Security::SelectorValueList selectors, in Security::AuditCombinator audit_combinator );
Java	void set_audit_selectors( java.lang.String interface_name, org.omg.Security.AuditEventType[] events, org.omg.Security.SelectorValue[] selectors, org.omg.Security.AuditCombinator audit_combinator );

Parameters

interface_name

CORBA::RepositoryId data type. This is the name of the interface for which you are creating an audit policy. An object_type of Null represents the <default> interface, applying the settings to all object types in the interface.

events

AuditEventTypeList data type. This is the event type for which you are setting selectors. Specify an audit family ID and event type ID. The system interprets an event type ID of zero as AuditAll, or all event types in the specified audit event family. Be aware that setting selectors on AuditAll replaces any existing selectors on other events in that family.

selectors

SelectorValueList data type. These are the values for the events specified. Only the selectors for the events you specify are set. Values include:

DayOfWeek — DayOfTheWeek data type. Multiple DayOfWeek selectors may be used in the same selector list. If at least one of these selectors matches, the system interprets it as a match, regardless of the audit combinator setting.
Initiator — AttributeList data type. This may include AccessId, GroupId, PrimaryGroupId, or Public attributes. This selector matches if the runtime initiator holds at least one of these attributes.
Operation — String value for the name of the method executed.
SuccessFailure — CORBA::Boolean value for the result of the operation.
Time — IntervalT data type. This is the time period in nanoseconds during which auditing occurs, relative to the start of the current day. Multiple time selectors may be used in the same selector list.

audit_combinator

AuditCombinator data type. This determines how selectors are compared:

SecAllSelectors — If all of the selector values input by the audit_needed operation match the selectors you define, then the event is audited.
SecAnySelectors — If any of the selector values input by the audit_needed operation match the selectors you define, then the event is audited.

Return Value

None.

3.2 Operations on the DelegationPolicy Interface

The operations on the SecurityAdmin::DelegationPolicy interface allow an application to control the credentials that an intermediate object uses when invoking another object. The intermediate object may use its own credentials, the initiating principal's credentials, or both.

The DelegationPolicy interface supports the following operations:

get_delegation_mode
set_delegation_mode

get_delegation_mode

The get_delegation_mode operation returns the interface's delegation mode. In a domain hierarchy, the delegation settings of lower domains take precedence over those of higher domains.

If no delegation mode exists for the interface you specify, get_delegation_mode searches for the default delegation mode setting.

Syntax

IDL

Security::DelegationMode get_delegation_mode( in CORBA::RepositoryId interface_name, );

Java

org.omg.Security.DelegationMode get_delegation_mode( java.lang.String interface_name );

IDL	Security::DelegationMode get_delegation_mode( in CORBA::RepositoryId interface_name, );
Java	org.omg.Security.DelegationMode get_delegation_mode( java.lang.String interface_name );

Parameters

interface_name

Interface whose delegation mode you are requesting. You must specify this parameter (may not be null).

Return Values

The delegation mode of the interface you requested.

set_delegation_mode

The set_delegation_mode operation specifies the credentials that are delegated when an intermediate object in a chain invokes other objects. The new setting applies only within this domain.

The intermediate object can override this default at run time.

Syntax

IDL

void set_delegation_mode( in CORBA::RepositoryID interface_name, in Security::DelegationMode mode );

Java

void set_delegation_mode( java.lang.String interface_name, org.omg.Security.DelegationMode mode );

IDL	void set_delegation_mode( in CORBA::RepositoryID interface_name, in Security::DelegationMode mode );
Java	void set_delegation_mode( java.lang.String interface_name, org.omg.Security.DelegationMode mode );

Parameters

interface_name

Interface to which the delegation policy applies. Using a null value updates the default setting for interfaces that do not have a specific delegation mode applied to them.

mode

Delegation mode. Options include:

SecDelModeNoDelegation — Use the intermediate's own credentials for future invocations.
SecDelModeSimpleDelegation — Use the initiating principal's credentials for delegation.
SecDelModeCompositeDelegation — Pass both the received credentials and the intermediate object's own credentials. The requester's credentials and the intermediate's credentials are kept separate.

Return Value

None.

3.3 Operations on the DomainAccessPolicy Interface

In a CORBA system, each object to which you control access must be a member of a domain. Each domain has an access policy that defines principals' rights within the domain.

The SecurityAdmin::DomainAccessPolicy interface is the interface to a domain's access policies. The operations on this interface allow an application to specify and retrieve access rights based on a client's privilege attribute. Principals with the appropriate privilege attribute are granted the access rights that you specify.

NOTE: Because the AccessPolicy object obtained from Current supports the operations of both interfaces, NetCrusader/CORBA supports the operations of the SecurityAdmin::AccessPolicy interface under the SecurityAdmin::DomainAccessPolicy interface. The operations of both interfaces are described in this section.

The DomainAccessPolicy interface supports the following operations:

get_all_effective_rights
get_all_rights
get_effective_rights
get_rights
grant_rights
replace_rights
revoke_rights

get_all_effective_rights

The get_all_effective_rights operation returns the current rights, for all rights families in the current security domain, that the AccessPolicy object grants to principals with the correct attributes.

Syntax

IDL

Security::RightsList get_all_effective_rights( in Security::AttributeList attrib_list );

Java

org.omg.Security.Right[] get_all_effective_rights( org.omg.Security.SecAttribute[] attrib_list );

IDL	Security::RightsList get_all_effective_rights( in Security::AttributeList attrib_list );
Java	org.omg.Security.Right[] get_all_effective_rights( org.omg.Security.SecAttribute[] attrib_list );

Parameters

attrib_list

List of attributes obtained from one or more Credentials objects using the get_attributes operation. Use only AccessId, GroupId, PrimaryGroupId, or Public attributes in the attrib_list.

Return Value

List of effective rights that are consistent with the attrib_list.

get_all_rights

The get_all_rights operation returns the current rights, for all rights families in the current security domain, of the priv_attr you specify in the del_state you specify.

Syntax

IDL

Security::RightsList get_all_rights( in Security::SecAttribute priv_attr, in Security::DelegationState del_state );

Java

org.omg.Security.Right[] get_all_rights( org.omg.Security.SecAttribute priv_attr, org.omg.Security.DelegationState del_state );

IDL	Security::RightsList get_all_rights( in Security::SecAttribute priv_attr, in Security::DelegationState del_state );
Java	org.omg.Security.Right[] get_all_rights( org.omg.Security.SecAttribute priv_attr, org.omg.Security.DelegationState del_state );

Parameters

priv_attr

Privilege attribute for which you are requesting rights. Use only an AccessId, GroupId, PrimaryGroupId, or Public attribute.

del_state

Delegation state of the privilege attribute to which the rights are applied.

Return Value

A list of rights granted to this privilege attribute when it is in the delegation state specified.

get_effective_rights

The get_effective_rights operation returns to the application the effective rights that the AccessPolicy object grants to the client. Note that only the rights for the specific rights family you specify are returned, not the rights for all families.

Syntax

IDL

Security::RightsList get_effective_rights( in Security::AttributeList attrib_list, in Security::ExtensibleFamily rights_family );

Java

org.omg.Security.Right[] get_effective_rights( org.omg.Security.SecAttribute[] attrib_list, org.omg.Security.ExtensibleFamily rights_family );

IDL	Security::RightsList get_effective_rights( in Security::AttributeList attrib_list, in Security::ExtensibleFamily rights_family );
Java	org.omg.Security.Right[] get_effective_rights( org.omg.Security.SecAttribute[] attrib_list, org.omg.Security.ExtensibleFamily rights_family );

Parameters

attrib_list

List of attributes obtained from one or more Credentials using the get_attributes operation. Use only AccessId, GroupId, PrimaryGroupId, or Public attributes in the attrib_list.

rights_family

Family of rights to be returned.

Return Value

List of effective rights for rights_family that are consistent with the attrib_list parameter.

get_rights

The get_rights operation retrieves the rights granted to principals that hold a particular privilege attribute. The rights returned are for the individual rights family you specify, and apply only to the current security domain.

Syntax

IDL

Security::RightsList get_rights( in Security::SecAttribute priv_attr, in Security::DelegationState del_state, in Security::ExtensibleFamily rights_family, );

Java

org.omg.Security.Right[] get_rights( org.omg.Security.SecAttribute priv_attr, org.omg.Security.DelegationState del_state, org.omg.Security.ExtensibleFamily rights_family );

IDL	Security::RightsList get_rights( in Security::SecAttribute priv_attr, in Security::DelegationState del_state, in Security::ExtensibleFamily rights_family, );
Java	org.omg.Security.Right[] get_rights( org.omg.Security.SecAttribute priv_attr, org.omg.Security.DelegationState del_state, org.omg.Security.ExtensibleFamily rights_family );

Parameters

priv_attr

Privilege attribute for which you are requesting rights. Use only an AccessId, GroupId, PrimaryGroupId, or Public attribute.

del_state

Delegation state of the privilege attribute to which the requested rights are applied.

rights_family

Rights family whose rights you are requesting.

Return Value

A list of rights that are granted to the priv_attr you specified.

grant_rights

The grant_rights operation grants the rights that you specify to principals that hold the privilege attribute you specify. The rights apply in the current domain only.

Syntax

IDL

void grant_rights( in Security::SecAttribute priv_attr, in Security::DelegationState del_state, in Security::RightsList rights );

Java

void grant_rights( org.omg.Security.SecAttribute priv_attr, org.omg.Security.DelegationState del_state, org.omg.Security.Right[] rights );

IDL	void grant_rights( in Security::SecAttribute priv_attr, in Security::DelegationState del_state, in Security::RightsList rights );
Java	void grant_rights( org.omg.Security.SecAttribute priv_attr, org.omg.Security.DelegationState del_state, org.omg.Security.Right[] rights );

Parameters

priv_attr

Privilege attribute for which you want to grant rights. Use only an AccessId, GroupId, PrimaryGroupId, or Public attribute as the priv_attr.

del_state

Delegation state to be set. The rights you specify are granted to principals with the priv_attr and del_state specified.

rights

List of rights you want to grant to principals that have the priv_attr specified. Failure to input any rights is interpreted as a "deny access" command for principals that hold this privilege attribute.

Return Value

None.

replace_rights

The replace_rights operation replaces the current rights of a privilege attribute with the rights you specify. Rights are replaced for the passed-in delegation state and apply to the current domain only.

Syntax

IDL

void replace_rights( in Security::SecAttribute priv_attr, in Security::DelegationState del_state, in Security::RightsList rights );

Java

void replace_rights( org.omg.Security.SecAttribute priv_attr, org.omg.Security.DelegationState del_state, org.omg.Security.Right[] rights );

IDL	void replace_rights( in Security::SecAttribute priv_attr, in Security::DelegationState del_state, in Security::RightsList rights );
Java	void replace_rights( org.omg.Security.SecAttribute priv_attr, org.omg.Security.DelegationState del_state, org.omg.Security.Right[] rights );

Parameters

priv_attr

Privilege attribute whose rights you want to replace. Use only an AccessId, GroupId, PrimaryGroupId, or Public attribute as the priv_attr.

del_state

Delegation state of the privilege attribute for which you are replacing rights.

rights

List of new rights. Rights not listed are revoked.

Return Value

None.

revoke_rights

The revoke_rights operation revokes rights that are currently granted to principals holding the privilege attribute you specify. This operation revokes rights for the delegation state you specify and in the current domain only.

Syntax

IDL

void revoke_rights( in Security::SecAttribute priv_attr, in Security::DelegationState del_state, in Security::RightsList rights );

Java

void revoke_rights( org.omg.Security.SecAttribute priv_attr, org.omg.Security.DelegationState del_state, org.omg.Security.Right[] rights );

IDL	void revoke_rights( in Security::SecAttribute priv_attr, in Security::DelegationState del_state, in Security::RightsList rights );
Java	void revoke_rights( org.omg.Security.SecAttribute priv_attr, org.omg.Security.DelegationState del_state, org.omg.Security.Right[] rights );

Parameters

priv_attr

Privilege attribute whose rights you want to revoke. Use only an AccessId, GroupId, PrimaryGroupId, or Public attribute as the priv_attr.

del_state

Delegation state of the privilege attribute for which you are revoking rights.

rights

List of rights to be revoked.

Return Value

None.

3.4 Operations on the SecureInvocationPolicy Interface

Operations on the SecurityAdmin::SecureInvocationPolicy interface allow an application to specify the security conditions required for a client and server to communicate.

NetCrusader/CORBA provides the secure invocation features Detect replay, Detect misordering, Establish trust in target, Establish trust in client, and Integrity. These features can be switched off or on as a unit — they are not individually configurable.

By default, clients and targets communicate with unsecured servers or clients, but this communication is unsecured.

The SecureInvocationPolicy interface supports the following operations:

get_association_options
set_association_options

get_association_options

The get_association_options operation allows an application to retrieve the secure association options that an interface requires.

Syntax

IDL

Security::AssociationOptions get_association_options( in CORBA::RepositoryId interface_name, in RequiresSupports requires_supports, in CommunicationDirection direction );

Java

short get_association_options( java.lang.String interface_name, org.omg.Security.RequiresSupports requires_supports, org.omg.Security.CommunicationDirection direction );

IDL	Security::AssociationOptions get_association_options( in CORBA::RepositoryId interface_name, in RequiresSupports requires_supports, in CommunicationDirection direction );
Java	short get_association_options( java.lang.String interface_name, org.omg.Security.RequiresSupports requires_supports, org.omg.Security.CommunicationDirection direction );

Parameters

interface_name

Interface whose association options you are retrieving.

requires_supports

Indicates whether you want to get this object's required options or its supported options.

direction

Use SecDirectionBoth as the value for this parameter.

Return Values

The association option flags set for this policy.

set_association_options

The set_association_options operation allows an application to set the secure association options for objects in a domain.

Syntax

IDL

void set_association_options( in CORBA::RepositoryId interface_name, in RequiresSupports requires_supports, in CommunicationDirection direction, in AssociationOptions options );

Java

void set_association_options( java.lang.String interface_name, org.omg.Security.RequiresSupports requires_supports, org.omg.Security.CommunicationDirection direction, short options );

IDL	void set_association_options( in CORBA::RepositoryId interface_name, in RequiresSupports requires_supports, in CommunicationDirection direction, in AssociationOptions options );
Java	void set_association_options( java.lang.String interface_name, org.omg.Security.RequiresSupports requires_supports, org.omg.Security.CommunicationDirection direction, short options );

Parameters

interface_name

Interface to which the options apply.

requires_supports

Indicates whether the options you set will be required or supported.

direction

You must use SecDirectionBoth as the value for this parameter.

options

Sets the options flags for the secure association options you are setting. Options that you Require must also be specified as Supported:

The following options can be switched off or on as a unit — they are not individually configurable.:
Security::DetectMisordering
Security::DetectReplay
Security::EstablishTrustInClient
Security::EstablishTrustInTarget
Security::Integrity
When the previous set of options is specified, one of the following delegation options must be specified:
Security::NoDelegation
Security::SimpleDelegation
Security::CompositeDelegation

If the previous set of options is not specified, you cannot specify a delegation option.

If you specify NoDelegation as a required option, you can still specify SimpleDelegation or CompositeDelegation as a supported option.
The option Security::Confidentiality can be independently disabled or enabled.
You can use the option Security::NoProtection alone to indicate that no security is required, or you can use it as a supported option along with other options.

Return Value

None.

[Previous] [Next] [Table of Contents] [Index]

To make comments or ask for help, contact support@gradient.com.

Return Value

Return Value

Return Value

Return Value

Copyright © 1999 Gradient Technologies, Inc.