2 — Operations on SecurityLevel2 Interfaces

[Previous] [Next] [Table of Contents] [Index]

The following operations for SecurityLevel2 interfaces are available to security-aware applications:

2.1 Operations on the AccessDecision Interface
2.2 Operations on the AuditChannel Interface
2.3 Operations on the AuditDecision Interface
2.4 Operations on the Credentials Interface
2.5 Operations on the Current Interface
2.6 Operations on the PrincipalAuthenticator Interface
2.7 Operations on the ReceivedCredentials Interface
2.8 Operations on the RequiredRights Interface

2.1 Operations on the AccessDecision Interface

The AccessDecision Interface supports one operation:

access_allowed

The access_allowed operation processes information about a principal's credentials and the target and operation requested so that access decisions can be made. Because the NetCrusader/CORBA security framework calls this operation at all appropriate points, handling access requests for you, applications should rarely need to call this operation.

Syntax

IDL

boolean access_allowed( in SecurityLevel2::CredentialsList cred_list, in Object target, in CORBA::Identifier operation_name, in CORBA::Identifier target_interface_name );

Java

boolean access_allowed( org.omg.SecurityLevel2.Credentials[] cred_list, org.omg.CORBA.Object target, java.lang.String operation_name, java.lang.String target_interface_name );

IDL	boolean access_allowed( in SecurityLevel2::CredentialsList cred_list, in Object target, in CORBA::Identifier operation_name, in CORBA::Identifier target_interface_name );
Java	boolean access_allowed( org.omg.SecurityLevel2.Credentials[] cred_list, org.omg.CORBA.Object target, java.lang.String operation_name, java.lang.String target_interface_name );

Parameters

cred_list

List of the client's credentials. For unauthenticated requests, the list may be empty. The list may contain a single credential, or, for delegated requests, the list may contain several credentials.

target

Reference used to invoke the target object (the method invoked).

operation_name

Name of the operation being invoked on the target.

target_interface_name

Name of the interface to which the invoked operation belongs.

Return Value

True — Access is allowed.

False — Access is denied.

2.2 Operations on the AuditChannel Interface

Use the AuditChannel interface to write audit records. This interface supports the following operations and attributes:

audit_channel_id
audit_write

audit_channel_id

The audit_channel_id attribute is a read-only attribute that contains the identity of the audit channel. By default, NetCrusader/CORBA filters all auditable events to a local log file. You can specify a different log file name by using the -GradLogFile option at the command line. For more information, see the NetCrusader/CORBA Installation and Operation Guide.

Syntax

IDL

readonly attribute Security::AuditChannelId audit_channel_id;

Java

int audit_channel_id();

IDL	readonly attribute Security::AuditChannelId audit_channel_id;
Java	int audit_channel_id();

IDL	void audit_write( in Security::AuditEventType event_type, in CredentialsList creds, in Security::UtcT time, in Security::SelectorValueList descriptors, in Security::Opaque event_specific_data );
Java	void audit_write( org.omg.Security.AuditEventType event_type, org.omg.SecurityLevel2.Credentials[] creds, org.omg.TimeBase.UtcT time, org.omg.Security.SelectorValue[] descriptors, byte[] event_specific_data );

Parameters

event_type

Type of event being audited.

creds

Credentials of the principal who initiated the event. If no credentials are specified, the own_credentials attribute associated with Current is used.

time

Time the event occurred. Set to the Time selector value or the value of Current::current_time.

event_specific_data

Not used.

descriptors

Data about the event. NetCrusader/CORBA supports the following selectors and data types:

Selector Description Data Type
Security::RepositoryId

String value for interface being audited. This may be automatically generated (using ObjectRef).

CORBA::RepositoryId

Security::ObjectRef

String value for the target object. This is required.

CORBA::Object

Security::Initiator

Initiator's credentials. This can be automatically generated using Current::own_credentials.

CredentialsList.

Security::Time

Current time. This is automatically generated.

UtcT

Security::DayOfWeek

Day of the week. This is automatically generated.

DayOfTheWeek

Security::Operation

String value for the operation being audited.

String.

Security::SuccessFailure

Result of operation.

CORBA::Boolean

Selector	Description	Data Type
Security::RepositoryId	String value for interface being audited. This may be automatically generated (using ObjectRef).	CORBA::RepositoryId
Security::ObjectRef	String value for the target object. This is required.	CORBA::Object
Security::Initiator	Initiator's credentials. This can be automatically generated using Current::own_credentials.	CredentialsList.
Security::Time	Current time. This is automatically generated.	UtcT
Security::DayOfWeek	Day of the week. This is automatically generated.	DayOfTheWeek
Security::Operation	String value for the operation being audited.	String.
Security::SuccessFailure	Result of operation.	CORBA::Boolean

Return Value

None.

2.3 Operations on the AuditDecision Interface

The ORB performs auditing based on the policies that the administrator configures. However, the ORB is unable to audit an application's internal activities or data. In this case, you can design the application to audit these activities itself. For example, you could define an audit policy that records bank transfers when the amount is greater than a certain amount.

Use the operations in the AuditDecision interface to check if a runtime event should be audited. When auditing is required, the audit_write operation creates an audit record that contains the type of event, the principal that initiated the event, and information about the event itself, such as whether it failed or succeeded.

The AuditDecision interface supports the following operations and attributes:

audit_channel
audit_needed

audit_channel

The audit_channel attribute provides the audit channel that is associated with this AuditDecision object. The audit record is sent to this audit channel.

Syntax

IDL

readonly attribute AuditChannel audit_channel

Java

org.omg.SecurityLevel2.AuditChannel audit_channel()

IDL	readonly attribute AuditChannel audit_channel
Java	org.omg.SecurityLevel2.AuditChannel audit_channel()

Return Value

The Audit Channel object associated with this Audit Decision object.

audit_needed

The audit_needed operation queries the audit policy to determine whether a particular event should be audited. It passes in a value list that represents runtime data, and compares it with the audit policy.

Syntax

IDL

boolean audit_needed( in Security::AuditEventType event_type, in Security::SelectorValueList value_list );

Java

boolean audit_needed( org.omg.Security.AuditEventType event_type, org.omg.Security.SelectorValue[] value_list );

IDL	boolean audit_needed( in Security::AuditEventType event_type, in Security::SelectorValueList value_list );
Java	boolean audit_needed( org.omg.Security.AuditEventType event_type, org.omg.Security.SelectorValue[] value_list );

Parameters

event_type

Event type associated with the operation.

value_list

List of zero or more selector ID value pairs. NetCrusader/CORBA supports the following selectors and data types:

Selector Description Data Type
Security::RepositoryId

String value for interface being audited. This may be automatically generated (using ObjectRef), but it may require that an interface repository be running.

CORBA::RepositoryId

Security::ObjectRef

String value for the target object. This is required.

CORBA::Object

Security::Initiator

Initiator's credentials. This can be automatically generated using Current::own_credentials.

CredentialsList.

Security::Time

Current time. This can be automatically generated using SecurityExtension::Current::current_time.

UtcT

Security::DayOfWeek

Day of the week. This can be automatically generated using Current::day_of_week.

DayOfTheWeek

Security::Operation

String value for the operation being audited.

String.

Security::SuccessFailure

Result of operation.

CORBA::Boolean

SecurityExtension::ValueCompare

Named value comparison. This allows applications to create named value comparisons to filter audit events.

SecurityExtension::ValueCompareValue

Selector	Description	Data Type
Security::RepositoryId	String value for interface being audited. This may be automatically generated (using ObjectRef), but it may require that an interface repository be running.	CORBA::RepositoryId
Security::ObjectRef	String value for the target object. This is required.	CORBA::Object
Security::Initiator	Initiator's credentials. This can be automatically generated using Current::own_credentials.	CredentialsList.
Security::Time	Current time. This can be automatically generated using SecurityExtension::Current::current_time.	UtcT
Security::DayOfWeek	Day of the week. This can be automatically generated using Current::day_of_week.	DayOfTheWeek
Security::Operation	String value for the operation being audited.	String.
Security::SuccessFailure	Result of operation.	CORBA::Boolean
SecurityExtension::ValueCompare	Named value comparison. This allows applications to create named value comparisons to filter audit events.	SecurityExtension::ValueCompareValue

The Initiator, Time, and DayOfWeek values can be automatically generated. The RepositoryId can also be generated but this may require an interface repository to be running.

Return Value

True — Create an audit record and send it to the audit channel.

False — Do not create an audit record.

2.4 Operations on the Credentials Interface

Use Credentials operations to enable your application to check that a principal's credentials are still valid or determine a principal's privileges. Credentials operations can also specify secure association options such as delegation mode or modify a Credentials object's existing privileges.

If a Credentials object has a credentials_type of SecReceivedCredentials, it will also support the operations on the ReceivedCredentials interface. See the section Section 2.7 on page 39 for information about the ReceivedCredentials interface.

The Credentials interface supports the following operations:

credentials_type
destroy
get_attributes
is_valid
mechanism

credentials_type

The credentials_type attribute specifies whether the Credentials object was created by the PrincipalAuthenticator object within the current process (own credentials type), or was the received from an incoming client call (received credentials type).

Syntax

IDL

readonly attribute Security::InvocationCredentialsType credentials_type;

IDL	readonly attribute Security::InvocationCredentialsType credentials_type;

Return Value

None.

destroy

The destroy operation destroys a Credentials object. Destroy is called automatically when the last Credentials object reference is released, so while NetCrusader/CORBA supports this operation, you should never need to explicitly call it.

Syntax

IDL

void destroy();

Java

void destroy();

IDL	void destroy();
Java	void destroy();

Return Value

None. The Credentials object is destroyed.

get_attributes

Applications can use the get_attributes operation to obtain security information, such as privileges or an audit identity, from a principal's Credentials object. The application then uses this information to make access control decisions.

If the principal was not authenticated, the only information returned is one privilege attribute of type Public.

Syntax

IDL

Security::AttributeList get_attributes( in Security::AttributeTypeList attributes );

Java

org.omg.Security.SecAttribute[] get_attributes( org.omg.Security.AttributeType[] attributes );

IDL	Security::AttributeList get_attributes( in Security::AttributeTypeList attributes );
Java	org.omg.Security.SecAttribute[] get_attributes( org.omg.Security.AttributeType[] attributes );

Parameters

attributes

Set of security attributes (privilege attributes and identities) you are requesting. If the list is empty, all values are returned.

For information about building the AttributeTypeList, see Section A.2 on page 97.

Return Value

Requested set of attributes about the Credentials object.

is_valid

The is_valid operation determines if credentials are still valid, since Credentials objects may have limited lifetimes. By default, credentials are valid for two hours from the time they are created.

If the credential:

Has expired — This operation returns the value False, and the UtcT value is set to all zeros.
Will never expire (unlimited lifetime) — This operation returns the value True, and the UtcT value is all zeros.
Has not yet expired — This operation returns the value True, and the UtcT value is the absolute time when the credentials will expire.

Syntax

IDL

boolean is_valid( out Security::UtcT expiry_time );

Java

boolean is_valid( org.omg.TimeBase.UtcTHolder expiry_time );

IDL	boolean is_valid( out Security::UtcT expiry_time );
Java	boolean is_valid( org.omg.TimeBase.UtcTHolder expiry_time );

Parameters

expiry_time

Time that the credentials expire.

Return Value

True with UtcT set to all zeros — Credentials object is valid and has an unlimited lifetime.

True with UtcT set to absolute time — Credentials object is still valid.

False — Credentials object has expired.

mechanism

The mechanism attribute specifies the type of mechanism that the Credentials object represents. NetCrusader/CORBA supports a single security mechanism (Kerberos), so mechanism always returns SecurityExtension::TAG_KerberosV5_SEC_MECH_TYPE.

Syntax

IDL

readonly attribute MechansimType mechanism;

Java

java.lang.String mechanism();

IDL	readonly attribute MechansimType mechanism;
Java	java.lang.String mechanism();

Return Value

Security mechanism that created the Credentials object (SecurityExtension::TAG_KerberosV5_SEC_MECH_TYPE).

2.5 Operations on the Current Interface

Operations on the Current object allow the application to obtain information about the current execution context, such as data about the thread of execution used to invoke the operation, and the process to which the thread belongs. Both client and target objects have associated Current objects.

The SecurityLevel2::Current interface supports the following operations and attributes:

access_decision
audit_decision
get_credentials
get_policy
get_security_mechanisms
own_credentials
principal_authenticator
received_credentials
required_rights_object
remove_own_credentials
set_credentials
supported_mechanisms

access_decision

The access_decision attribute is a read-only attribute that obtains a reference to the AccessDecision object. The application can use it to find out whether a set of credentials has the necessary privileges to execute a particular method.

NOTE: NetCrusader/CORBA automatically verifies that access requirements are met, so applications should never need to use the AccessDecision object.

Syntax

IDL

readonly attribute AccessDecision access_decision;

Java

org.omg.SecurityLevel2.AccessDecision access_decision();

IDL	readonly attribute AccessDecision access_decision;
Java	org.omg.SecurityLevel2.AccessDecision access_decision();

Return Value

An object reference to an AccessDecision object.

audit_decision

The audit_decision attribute is a read-only attribute that returns a reference to the AuditDecision object.

Use the AuditDecision object to determine if an application audit event should be written to the audit channel. The AuditDecision attribute applies to application auditing, not to the auditing of system events, so it can not be used to determine whether client or target audit events should be written to the audit channel. Applications can not use this API to generate client or target audit events.

NetCrusader/CORBA automatically determines whether client or target audit events should be written to the audit channel.

Syntax

IDL

readonly attribute AuditDecision audit_decision;

Java

org.omg.SecurityLevel2.AuditDecision audit_decision();

IDL	readonly attribute AuditDecision audit_decision;
Java	org.omg.SecurityLevel2.AuditDecision audit_decision();

Return Value

An object reference to an AuditDecision object.

get_credentials

Before making a call, an application requests the credentials to use by executing the get_credentials operation. This operation retrieves the credentials associated with the current execution environment.

get_credentials does not inspect the delegation policy. If set_credentials has not yet been called, get_credentials is unable to determine the final credentials to be used, because may depend upon the delegation policy in use.

For this reason, get_credentials first returns credentials set by set_credentials, followed by the received credentials (if they can be delegated), and finally the own_credentials.

Syntax

IDL

CredentialsList get_credentials( in Security::CredentialType cred_type );

Java

org.omg.SecurityLevel2.Credentials[] get_credentials( org.omg.Security.CredentialType cred_type );

IDL	CredentialsList get_credentials( in Security::CredentialType cred_type );
Java	org.omg.SecurityLevel2.Credentials[] get_credentials( org.omg.Security.CredentialType cred_type );

Parameters

cred_type

Type of credentials to obtain. Use Security::SecInvocationCredentials.

Return Value

The current CredentialsList (invocation credentials).

get_policy

The get_policy operation lets an application find the security policies that apply to the client. This operation returns the Policy object of the policy_type parameter that you specify.

The CORBA::Policy reference must be narrowed to the appropriate interface (see the policy_type table in the Parameters section).

NOTE: NetCrusader/CORBA does not support the policy types SecClientInvocationAccess, SecApplicationAccess, and SecNonRepudiation.

Syntax

IDL

CORBA::Policy get_policy( in CORBA::PolicyType policy_type );

Java

org.omg.CORBA.Policy get_policy( int policy_type );

IDL	CORBA::Policy get_policy( in CORBA::PolicyType policy_type );
Java	org.omg.CORBA.Policy get_policy( int policy_type );

Parameters

policy_type

Type of policy to obtain. Supported policy types include:

Policy Type Policy Interface Supported by Return Value
Security::SecTargetInvocationAccess

SecurityAdmin::DomainAccessPolicy

Security::SecClientInvocationAudit

SecurityAdmin::DelegationPolicy

Security::SecTargetInvocationAudit

SecurityAdmin::SecureInvocationPolicy

Security::SecApplicationAudit

SecurityAdmin::SecureInvocationPolicy

Security::SecDelegation

SecurityAdmin::AuditPolicy

Security::SecClientSecureInvocation

SecurityAdmin::AuditPolicy

Security::SecTargetSecureInvocation

SecurityAdmin::AuditPolicy

Policy Type	Policy Interface Supported by Return Value
Security::SecTargetInvocationAccess	SecurityAdmin::DomainAccessPolicy
Security::SecClientInvocationAudit	SecurityAdmin::DelegationPolicy
Security::SecTargetInvocationAudit	SecurityAdmin::SecureInvocationPolicy
Security::SecApplicationAudit	SecurityAdmin::SecureInvocationPolicy
Security::SecDelegation	SecurityAdmin::AuditPolicy
Security::SecClientSecureInvocation	SecurityAdmin::AuditPolicy
Security::SecTargetSecureInvocation	SecurityAdmin::AuditPolicy

Return Value

A policy object that can be used to obtain more details about the policy being implemented. For example, the secure invocation policy provides the secure association defaults for the object.

get_security_mechanisms

Application clients use the get_security_mechanisms operation to determine a target's security mechanisms, security names, and association options. Because NetCrusader/CORBA supports a single security mechanism (Kerberos), get_security_mechanisms always returns information about this mechanism.

For information about Kerberos features, see the section supported_mechanisms on page 34.

NOTE: Security names may be shared by multiple objects.

Syntax

IDL

Security::SecurityMechanismDataList get_security_mechanisms in Object obj_ref );

Java

org.omg.Security.SecurityMechanismData[] get_security_mechanisms( org.omg.CORBA.Object obj_ref );

IDL	Security::SecurityMechanismDataList get_security_mechanisms in Object obj_ref );
Java	org.omg.Security.SecurityMechanismData[] get_security_mechanisms( org.omg.CORBA.Object obj_ref );

Parameters

obj_ref

Object reference of the target object whose security information you are requesting.

Return Value

Information about the security mechanism protecting the target object.

own_credentials

The own_credentials attribute returns the application's set of credentials. The application obtains these credentials through the authentication of the principal that executes the program.

You do not need to call Credentials::destroy on the credentials returned from this call.

Syntax

IDL

readonly attribute CredentialsList own_credentials;

Java

org.omg.SecurityLevel2.Credentials[] own_credentials();

IDL	readonly attribute CredentialsList own_credentials;
Java	org.omg.SecurityLevel2.Credentials[] own_credentials();

Return Value

A sequence of Credentials object references that the application owns.

principal_authenticator

The principal_authenticator attribute is a read-only attribute that obtains a reference to the PrincipalAuthenticator object. The application can use the PrincipalAuthenticator object to authenticate principals and obtain Credentials objects for the principals, which contain the principals' privilege attributes.

To create credentials with a client's username and password, such as in a Basic Authentication scenario, do not use the PrincipalAuthenticator object, which updates the application's own_credentials list for the entire process. Instead, call the acquire_credentials operation on the Vault interface, then call Current::set_credentials to use the credentials for outgoing calls.

Syntax

IDL

readonly attribute principalAuthenticator principal_authenticator;

Java

org.omg.SecurityLevel2.PrincipalAuthenticator principal_authenticator();

IDL	readonly attribute principalAuthenticator principal_authenticator;
Java	org.omg.SecurityLevel2.PrincipalAuthenticator principal_authenticator();

Return Value

An object reference to the PrincipalAuthenticator object.

received_credentials

The received_credentials attribute contains the credentials that the application receives from the client. You can also get information on the received_credentials by looking at the attributes of the ReceivedCredentials interface.

You do not need to call Credentials::destroy on the credentials returned from this call.

Syntax

IDL

readonly attribute CredentialsList received_credentials;

Java

org.omg.SecurityLevel2.Credentials[] received_credentials();

IDL	readonly attribute CredentialsList received_credentials;
Java	org.omg.SecurityLevel2.Credentials[] received_credentials();

Return Value

The ReceivedCredentials object reference received from the requester.

remove_own_credentials

The remove_own_credentials operation removes the credentials you specify from the Current object's own_credentials list. If the given Credentials object is not on the own_credentials list, remove_own_credentials throws a CORBA::BAD_PARAM exception.

This operation affects all subsequent processes, not just the current thread. To override the invocation credentials for a single call, use the set_credentials operation (see page 32).

Syntax

IDL

void remove_own_credentials( in Credentials creds );

Java

org.omg.SecurityLevel2.Credentials creds; remove_own_credentials(creds);

IDL	void remove_own_credentials( in Credentials creds );
Java	org.omg.SecurityLevel2.Credentials creds; remove_own_credentials(creds);

Parameters

creds

Credentials object to remove from the own_credentials list.

Return Value

None.

required_rights_object

The required_rights_object attribute is a read-only attribute used to find the rights that an operation requires. Applications rarely use the RequiredRights object directly. Rather, AccessDecision objects generally use it to find the rights required to use a particular interface.

However, applications can use the RequiredRights object directly to perform their own access control.

NOTE: The RequiredRights interface is described in Section 2.8 on page 42.

Syntax

IDL

readonly attribute RequiredRights required_rights_object;

Java

org.omg.SecurityLevel2.RequiredRights required_rights_object();

IDL	readonly attribute RequiredRights required_rights_object;
Java	org.omg.SecurityLevel2.RequiredRights required_rights_object();

Return Value

An object reference to a RequiredRights object.

set_credentials

Normally, a client uses its own credentials to make calls, and delegating servers use the credentials received from the initiating client. In certain cases, you may want the application to override these defaults.

The set_credentials operation specifies the credentials you want to use for subsequent object invocations. This operation only affects calls made from the current thread of execution.

For example, delegate received credentials by using the Current::received_credentials attribute as the specified credentials in the set_credentials operation.

set_credentials is reset on each incoming call into an intermediate object.

NOTE: Setting credentials for non-repudiation is not supported.

Syntax

IDL

void set_credentials( in Security::CredentialType cred_type, in CredentialsList creds, in Security::DelegationDirective del );

Java

void set_credentials( org.omg.Security.CredentialType cred_type, org.omg.SecurityLevel2.Credentials[] creds, org.omg.Security.DelegationDirective del );

IDL	void set_credentials( in Security::CredentialType cred_type, in CredentialsList creds, in Security::DelegationDirective del );
Java	void set_credentials( org.omg.Security.CredentialType cred_type, org.omg.SecurityLevel2.Credentials[] creds, org.omg.Security.DelegationDirective del );

Parameters

cred_type

Type of credentials to be set. Use Security::SecInvocationCredentials.

creds

Object reference of the CredentialsList object, which will become the default.

del

Delegation mode for the credentials you are setting. Use Security::Delegate.

Return Value

None.

supported_mechanisms

The supported_mechanisms attribute is a read-only attribute that returns a list of supported mechansims and features.

NetCrusader/CORBA supports one type of security mechanism (Kerberos), so this call returns a MechandOptionsList with a single element. The mechanism type is SecurityExtension::TAG_KerberosV5_SEC_MECH_TYPE.

The features supported are:

Security::Integrity
Security::DetectReplay
Security::DetectMisordering
Security::EstablishTrustInTarget
Security::EstablishTrustInClient
Security::NoDelegation
Security::SimpleDelegation
Security::CompositeDelegation
Security::NoProtection
Security::Confidentiality (included only if underlying the security mechanism supports encryption)

Syntax

IDL

readonly attribute Security::MechandOptionsList supported_mechanisms;

Java

org.omg.Security.MechandOptions[] supported_mechanisms();

IDL	readonly attribute Security::MechandOptionsList supported_mechanisms;
Java	org.omg.Security.MechandOptions[] supported_mechanisms();

Return Value

Security mechanism options list.

2.6 Operations on the PrincipalAuthenticator Interface

If a principal requires authentication and was not authenticated before it called the system, invoking the PrincipalAuthenticator object creates a Credentials object for the principal, and authenticates the principal using the supported authentication method you specify.

After authentication occurs, the PrincipalAuthenticator object places the new Credentials object at the beginning of the Current object's own_credentials list.

The PrincipalAuthenticator interface supports the following operations:

authenticate
continue_authentication
get_supported_authen_method

authenticate

The authenticate operation uses the Vault interface to authenticate a principal. It may also request privilege attributes if the principal requires them. This operation creates a Credentials object that includes the required attributes and is placed at the beginning of the Current object's own_credentials list.

If you have a NetCrusader/Web or DCE environment that you want to integrate with your CORBA environment, use the SecurityExtension::AuthMethodLoginContext method to pass the DCE login handle as the auth_data value.

Syntax

IDL

Security::AuthenticationStatus authenticate( in Security::AuthenticationMethod method, in Security::MechanismType mechanism, in Security::SecurityName security_name, in Security::Opaque auth_data, in Security:: AttributeList privileges, out Credentials creds, out Security::Opaque continuation_data, out Security::Opaque auth_specific_data );

Java

org.omg.Security.AuthenticationStatus authenticate( int method, java.lang.String mechanism, java.lang.String security_name, byte[] auth_data, org.omg.Security.SecAttribute[] privileges, org.omg.SecurityLevel2.CredentialsHolder creds, org.omg.Security.OpaqueHolder continuation_data, org.omg.Security.OpaqueHolder auth_specific_data );

Parameters

method

Identifier of the authentication method used. Options include:

SecurityExtension::AuthMethodNone
SecurityExtension::AuthMethodKeytab
SecurityExtension::AuthMethodPassword
SecurityExtension::AuthMethodLoginContext

mechanism

Security mechanism to be used to create the credentials. Use SecurityExtension::TAG_KerberosV5_SEC_MECH_TYPE.

security_name

Principal's identification information (for example, login name). See the following table for values.

If method is...

security_name is...

SecurityExtension::AuthMethodNone

Null.

SecurityExtension::AuthMethodKeytab

Principal name to be authenticated.

SecurityExtension::AuthMethodPassword

Principal name to be authenticated.

SecurityExtension::AuthMethodLoginContext

Null.

auth_data

Principal's authentication information such as password or long-term key. See the following table for values.

If method is...

auth_data is...

SecurityExtension::AuthMethodNone

Empty.

SecurityExtension::AuthMethodKeytab

Keytable file name.

SecurityExtension::AuthMethodPassword

String password.

SecurityExtension::AuthMethodLoginContext

DCE login handle.

privileges

Not used.

creds

Object reference of the newly-created Credentials object. It is not fully initialized. Therefore, it is unusable unless the return value is SecAuthSuccess.

continuation_data

Not used.

auth_specific_data

Not used.

Return Value

Security::SecAuthSuccess — Authentication was successful. An object reference to the newly-created, initialized Credentials object is available in the creds parameter.

Security::SecAuthFailure — Authentication data was inconsistent or erroneous and a Credentials object was not created.

continue_authentication

Use the continue_authentication operation when authentication requires multiple steps. For example, some applications may use a challenge/response authentication procedure.

Call this operation only if the authenticate operation returns the value SecAuthContinue.

NOTE: NetCrusader/CORBA does not currently support multistep authentication methods, so the continue_authentication method throws a CORBA::NO_IMPLEMENT exception.

Syntax

IDL

Security::AuthenticationStatus continue_authentication( in Security::Opaque response_data, in Credentials creds, out Security::Opaque continuation_data, out Security::Opaque auth_specific_data );

Java

org.omg.Security.AuthenticationStatus continue_authentication( byte[] response_data, org.omg.SecurityLevel2.Credentials creds, org.omg.Security.OpaqueHolder continuation_data, org.omg.Security.OpaqueHolder auth_specific_data );

Parameters

response_data

Response data to the challenge.

creds

Reference of the partially-initialized Credentials object. The Credentials object is fully initialized only when the return parameter is SecAuthSuccess.

continuation_data

Opaque data structure containing challenge information.

auth_specific_data

Opaque data about the authentication service in use.

Return Value

Security::SecAuthSuccess — Authentication was successful. The object reference of the newly-created, initialized Credentials object is available in the creds parameter.

Security::SecAuthFailure — Indicates that the response data was inconsistent or erroneous and a Credentials object was not created.

Security::SecAuthContinue — Indicates that the authentication process is a multiple-step procedure. The creds parameter contains the object reference of a partially-initialized Credentials object, and the continuation_data parameter contains the details of the authentication procedure.

Security::SecAuthExpired — Authentication data contained some expired information (such as an expired password). A Credentials object was not created.

get_supported_authen_method

The get_supported_authen_method operation obtains the authentication methods that are valid for a particular supported security mechanism NetCrusader/CORBA uses Kerberos, which supports the following authentication methods:

SecurityExtension::AuthMethodNone
SecurityExtension::AuthMethodKeytab
SecurityExtension::AuthMethodPassword
SecurityExtension::AuthMethodLoginContext

These authentication methods are described in the section authenticate on page 35.

This operation raises a CORBA::BAD_PARAM exception if the system does not support the mechanism.

Syntax

IDL

Security::AuthenticationMethodList get_supported_authen_methods( in Security::MechanismType mechanism );

Java

int[] get_supported_authen_methods( java.lang.String mechanism );

Parameters

mechanism

Mechanism for which the authentication methods are valid. Use SecurityExtension::TAG_KerbersoV5_SEC_MECH_TYPE.

Return Value

List of authentication methods the PrincipalAuthenticator object supports for this mechanism.

2.7 Operations on the ReceivedCredentials Interface

Credentials that are received from a client support the ReceivedCredentials interface in addition to the Credentials interface. This allows applications to check a Credentials object's delegation mode and other security settings related to the transmission of credentials.

The ReceivedCredentials interface inherits from the Credentials interface, and contains a principal's credentials for a secure association. The ReceivedCredentials interface supports the following operations:

accepting_credentials
association_options_used
delegation_mode
delegation_state

accepting_credentials

The accepting_credentials attribute contains the credentials used on the accepting side of a secure association negotiation with a remote principal. In most cases, the accepting credentials are the Current object's own_credentials.

Syntax

IDL

readonly attribute CredentialsList accepting_credentials

Java

org.omg.SecurityLevel2.Credentials[] accepting_credentials();

Return Value

List of accepting credentials.

association_options_used

The association_options_used attribute contains the secure association features in effect for a secure association with a remote principal.

Syntax

IDL

readonly attribute Security::AssociationOptions association_options_used

Java

short association_options_used();

Return Value

List of association options for security context.

delegation_mode

The delegation_mode attribute indicates the type of delegation supported by the ReceivedCredentials object:

SecDelModeNoDelegation — Credentials can not be used to make invocations.
SecDelModeSimpleDelegation — Delegation with no tracing of intermediate's credentials.
SecDelModeCompositeDelegation — Delegation with tracing of credentials.

When delegating credentials, applications must retain the delegation mode returned by this operation.

Syntax

IDL

readonly attribute Security::DelegationMode delegation_mode

Java

org.omg.Security.DelegationMode delegation_mode();

Return Value

Delegation mode of credentials.

delegation_state

The delegation_state attribute indicates the delegation state of a principal:

SecInitiator — Principal is acting on its own behalf.
SecDelegate — Principal is acting on behalf of another principal.

NOTE: When simple delegation is in use, the Kerberos security mechanism may be unable to distinguish between an initiating client and a delegate. In this case the delegation_state attribute would always be SecInitiator. When composite delegation is in use, delegation_state is correctly reported.

For more information about simple and composite delegation states, refer to the section delegation_mode above, or to the NetCrusader/CORBA Overview Guide.

Syntax

IDL

readonly attribute Security::DelegationState delegation_state

Java

org.omg.Security.DelegationState delegation_state();

Return Value

Delegation state of the client.

2.8 Operations on the RequiredRights Interface

RequiredRights objects contain the rights that a client must have in order to execute an operation. The RequiredRights interface supports the following operations:

get_required_rights
set_required_rights

get_required_rights

The get_required_rights operation retrieves the rights that an object or interface requires a client to have before the client can perform the requested operation. If an operation does not have specific required rights associated with it, get_required_rights retrieves the interface's required rights.

Syntax

IDL

void get_required_rights( in Object obj, in CORBA::Identifier operation_name, in CORBA::RepositoryId interface_name, out Security::RightsList rights, out Security::RightsCombinator rights_combinator );

Java

void get_required_rights( org.omg.CORBA.Object obj, java.lang.String operation_name, java.lang.String interface_name, org.omg.Security.RightsListHolder rights, org.omg.Security.RightsCombinatorHolder rights_combinator );

Parameters

obj

Target object, for which required rights are to be returned. May be Object::_nil, as long as interface_name is set.

operation_name

Name of the operation whose required rights are requested.

interface_name

Name of the interface in which the operation described by operation_name is defined, if this is different from the interface of which obj is a direct instance. This may be empty as long as obj is set.

rights

Returned list of required rights.

rights_combinator

Returned rights combinator. The rights combinator defines how to interpret operations with more than one required right:

AllRights — Access allowed if all of the operation's rights are granted.
AnyRight — Access allowed if any of the operation's rights are granted.

Return Value

None.

set_required_rights

The set_required_rights operation allows the caller to change an operations's required rights. Operations without their own required rights use the interface's rights. You can not set default rights that apply to all interfaces.

Syntax

IDL

void set_required_rights( in CORBA::Identifier operation_name, in CORBA::RepositoryId interface_name, in Security::RightsList rights, in Security::RightsCombinator rights_combinator );

Java

void set_required_rights( java.lang.String operation_name, java.lang.String interface_name, org.omg.Security.Right[] rights, org.omg.Security.RightsCombinator rights_combinator );

Parameters

operation_name

Operation whose required rights are to be updated. This may be empty. If it is empty, the rights are set as the default rights for the interface.

interface_name

The interface whose required rights are to be updated.

rights

New list of required rights.

rights_combinator

New rights combinator for the operation. The rights combinator defines how to interpret operations with more than one required right:

AllRights — Access allowed if all of the operation's rights are granted.
AnyRight — Access allowed if any of the operation's rights are granted.

Return Value

None.

[Previous] [Next] [Table of Contents] [Index]

To make comments or ask for help, contact support@gradient.com.

If method is...	security_name is...
SecurityExtension::AuthMethodNone	Null.
SecurityExtension::AuthMethodKeytab	Principal name to be authenticated.
SecurityExtension::AuthMethodPassword	Principal name to be authenticated.
SecurityExtension::AuthMethodLoginContext	Null.

If method is...	auth_data is...
SecurityExtension::AuthMethodNone	Empty.
SecurityExtension::AuthMethodKeytab	Keytable file name.
SecurityExtension::AuthMethodPassword	String password.
SecurityExtension::AuthMethodLoginContext	DCE login handle.

IDL	Security::AuthenticationMethodList get_supported_authen_methods( in Security::MechanismType mechanism );
Java	int[] get_supported_authen_methods( java.lang.String mechanism );

IDL	readonly attribute CredentialsList accepting_credentials
Java	org.omg.SecurityLevel2.Credentials[] accepting_credentials();

IDL	readonly attribute Security::AssociationOptions association_options_used
Java	short association_options_used();

IDL	readonly attribute Security::DelegationMode delegation_mode
Java	org.omg.Security.DelegationMode delegation_mode();

IDL	readonly attribute Security::DelegationState delegation_state
Java	org.omg.Security.DelegationState delegation_state();

Syntax

Syntax

Return Value

Return Value

Copyright © 1999 Gradient Technologies, Inc.