NetCrusader/CORBA Release Notes

Software Version 1.1
December 8, 2000

The Entegrity® NetCrusader/CORBA Security Service provides security for CORBA applications, including authentication, access control, confidentiality, delegation, and auditing. Refer to the NetCrusader™/CORBA Overview Guide for a complete description of the product.

This release note applies to NetCrusader/CORBA Version 1.1. It contains the following sections:

1. New in this Release
2. Fixed Issues
3. Unsupported Functionality and Known Problems
4. Notes on Installation and Uninstallation
5. Notes on Operation
6. NetCrusader/CORBA Documentation
7. Obtaining Technical Support

Version 1.1 of NetCrusader/CORBA is a point-release that adds runtime support for the Windows 98 and Windows 95 platforms and for Entegrity NetCrusader/DCE PC-DCE 4.0.

NOTE: The installer included with Version 1.1 is intended for new systems. If you need to upgrade from NetCrusader/CORBA 1.0 or 1.0.1, see the notes on installation in Section 4. on page 9.

1. New in this Release

The following items are new or changed in this release:

• Windows 98 and Windows 95 clients are now supported.

• Entegrity NetCrusader/DCE PC-DCE 4.0 is now supported.

• Installation is no longer integrated with PC-DCE. The NetCrusader/CORBA installer does not install the security infrastructure. NetCrusader/DCE PC-DCE still must be installed and configured before you can install NetCrusader/CORBA.

The following items were fixed in the previous version (Version 1.0.1) of the product:

• Runtime initialization time and performance has been enhanced.

• Caching of policies and required rights is now more effective.

• Less disk access is required during initialization.

• The wire-format marshalling has been enhanced; therefore, this version is not backward compatible with clients and servers running Version 1.0. However, you may still use existing domains, policies, required rights, users, and groups that you configured using NetCrusader/CORBA 1.0

• Servers will no longer fail to initialize when creating anonymous objects.

This section describes unsupported functionality and known problems for this release of NetCrusader/CORBA.

Backward Compatibility with Version 1.0

Due to enhancement of wire-format marshalling, this version is not backward compatible with clients and servers running Version 1.0. However, you may still use existing domains, policies, required rights, users, and groups that you configured using NetCrusader/CORBA 1.0

Unsupported Functionality

• CORBA servers must authenticate using username/keytab authentication. This is true on both the Solaris and Windows NT platforms. CORBA servers are not supported on Windows 98 or Windows 95 (only clients are supported).

• The NetCrusader Security Server is intended to be installed on a machine running Windows NT Server 4.0. The installation program allows you to install the Security Server on a Windows NT Workstation 4.0 machine, but this is not a supported platform for the Security Server.

• The VisiBroker C++ runtime and SDK are not supported in this release.

• Mapping of SSL certificates to Security Server identities is not supported in this release.

• CORBA servers running on the Security Server are not supported, and may not load the Required Rights properly.

• In certain circumstances, NetCrusader/CORBA may display proprietary error messages to the console window of a running CORBA application. These messages do not affect the correct operation of the system.

• The following operations of GradDomainManager do not function correctly or are not available: admins, users, grant_admin_rights, grant_user_rights, and revoke_rights. Use NetCrusader Commander to enforce access controls for CORBA domains.

• Clarification: The CORBA security specification does not define what action should be taken when a client or intermediate uses credentials that are inconsistent with the specified delegation policy. For example, this can occur when a client specifies a delegation policy other than None (since a client does not have received credentials to delegate) or when an intermediate has a delegation policy of Simple, but its received credentials are of type Composite. In these cases, NetCrusader/CORBA takes the conservative stance and denies access.

• No audit event is generated when an unsecured client connects to a secured CORBA server. This is because the connection itself is unsecured. CORBA servers can specify secure invocation policies that prevent unsecured callers from contacting them, but no auditing is available when the connection is allowed.

• Application-specific audit events written to the CORBA log are not supported.

• Extra-parameter data, such as Contexts, Environments, and ServiceContexts, is not currently protected by NetCrusader/CORBA.

• NetCrusader/CORBA currently ignores Client Secure Invocation options for requiring confidentiality. To enable confidentiality, configure the target's Target Secure Invocation Policy to require confidentiality and configure the Client Secure Invocation Policy to support confidentiality.

• Users must have Management rights for a domain to have permission to modify the policies that belong to that domain. By default, NetCrusader/CORBA is installed with a single "root" domain, which is managed by the Security Server's administrator. All domains that you subsequently create will belong to the hierarchy based at this root domain.

  The administrator may grant Management rights to any other user for a particular domain, and these rights apply to the specified domain and any sub-domains. However, only the administrator may create new domains.

• In-process clients and targets using VisiBroker's object wrapper functionality to enable the security service are not supported in this version.

• CORBA applications, by default, may communicate with unsecured CORBA server applications. This allows secured CORBA client applications to communicate with system services that may be unsecured, such as the interface repository and naming service.

  If you specify a Client Secure Invocation Policy in a domain and set the default requirement to be a secured connection, then a CORBA application running in that domain will no longer be able to communicate with an unsecured system service. This includes the ability for a CORBA server application to register with the osagent.

  To prevent the CORBA server application from calling an unsecured server, but to allow it to register with the Basic Object Adapter (BOA):

1. Create a Client Secure Invocation Policy in the server application's domain that has a default requirement for security.

2. Set the requirement on the IDL:visigenic.com/Activation/OAD:1.0 interface to No Security.

• If you are going to install Commander on a machine that has NetCrusader/Web installed, install Commander from the NetCrusader/CORBA installation over it. Do not install the NetCrusader/Web version of Commander over a NetCrusader/CORBA version.

• At the bottom of the Microsoft Management Console (MMC) window there is a login indicator that is intended to show the username the user provided at the login prompt. It does not always function correctly. It sometimes shows <unknown> as the user, and it will disappear and reappear as different items in the scope pane are selected.

• Administrators can use the RequiredRights interface to set the required rights of an operation to include rights that are not part of a rights family defined in Commander. When these required rights are viewed in Commander, the rights family is displayed as unknown.

• The creation of users and groups in the Security Server requires the administrator's password. Commander may prompt the user to log in again for these tasks, so that this password is available, even though the user has already logged into Commander.

• Running the Createkt utility a second time on the same machine, for the same server account name, but with a different output filename may not create the new file, although the utility will appear to work.

• The Createkt utility does not function properly when the -c option is used to create a server account. To use the utility, first create an account for your server using Commander and then use the Createkt utility, without the -c option, to create a key-table file for the server account.

The installer included with Version 1.1 is intended for new systems. If you need to upgrade from NetCrusader/CORBA 1.0 or 1.0.1:

1. Uninstall the previous version of NetCrusader/CORBA. Do not uninstall the NetCrusader Security Server or NetCrusader Security Client. PC-DCE must be installed and configured to successfully install NetCrusader/CORBA.

2. Install NetCrusader/CORBA Version 1.1.

The following notes also apply to installing or uninstalling NetCrusader/CORBA:

• The Version 1.1 uninstaller does not attempt to remove the NetCrusader/CORBA entries from the autoexec.bat file on Windows 98 and Windows 95. You must remove these entries manually.

• When using Add/Remove Programs on the Control Panel, if you select NetCrusader Security Services and press the Add/Remove button, NetCrusader Security Services are stopped. If you select No at the confirmation dialog (that is, you cancel the action), the Security Services are not removed, but they remain stopped. You need to restart them manually using the Services window in the Control Panel.

• Under certain conditions, uninstalling Versions 1.0 and 1.0.1 from the Add/Remove dialog may be unsuccessful. If so, you may uninstall manually by following the directions in the following section for uninstalling NetCrusader/CORBA manually.

• See Commander-Related Issues for important considerations when installing Commander in a NetCrusader/Web environment.

• If you install NetCrusader/CORBA over an existing installation of Entegrity PC-DCE, NetCrusader/CORBA uses the existing cell configuration.

• The Security Server or Security Client are displayed separately in the Add and Remove Programs dialog in the NetCrusader/CORBA installation program. This means that a user can uninstall the security infrastructure without uninstalling NetCrusader/CORBA; there is no enforced dependency in the Add and Remove Programs dialog. However, NetCrusader/CORBA will not work without the security infrastructure.

• When a Security Server replica is uninstalled, the NetCrusader/CORBA and Security Server files are removed from the local machine, but the master Security Server will still contain configuration information for the replica. Contact Entegrity Technical Support for information on removing the replica configuration information from the master Security Server.

To uninstall these versions of NetCrusader/CORBA manually:

1. Close all windows that use the NetCrusader product. This includes Commander, CORBA Object Servers, and CORBA Object Clients.

2. Using the Services dialog of the Control Panel, stop the NetCrusader Security Services.

3. Using regsrv32, unregister CorbaSec.dll and WebCrusader.dll.

4. Using Control Panel, System, Environment, remove the NetCrusader entries in the ClassPath variable in the System variables section.

5. Using Control Panel, System, Environment, remove the NetCrusader entries in the Path variable in the System variables section

6. Delete the install folder for the NetCrusader Security Services. (For example, if you installed the Security Services in C:\Program Files\Gradient\NetCrusader Security Server, delete C:\Program Files\Gradient\NetCrusader Security Server.)

7. Delete the install folder for the NetCrusader product. (For example, if you installed the Security Services in C:\Program Files\Gradient\NetCrusader, delete C:\Program Files\Gradient\NetCrusader.)

8. Start the Windows Registry Editor (run regedit from Run on the Start button.)

9. Expand the HKEY_LOCAL_MACHINE\SOFTWARE\GRADIENT folder and remove all entries in the folder.

10. Expand the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall folder and remove any entry containing NetCrusader. There will be an entry for both NetCrusader-CORBA and NetCrusader Security Services. The entry for NetCrusader-CORBA is called NetCrusader-CORBA; however, the entry for the Security Services may be called either Security Server, Security Client, or NetCrusader Security Services, depending on the configuration installed.

11. Close the Windows Registry Editor.

12. Reboot the computer.

• When using Commander to enter required rights for an interface that is not defined in the Interface Repository (IR), you must enter the IR's ID manually. Be sure to match the interface of your object exactly, including a prefix, the modules, and the version specifier. When entering required rights for the operations of the interface, also be sure to match the spelling of the operation names exactly. Attribute names must be prefixed with _get_ or _set_ to distinguish between rights for reading and writing the attribute. Remember that operation names are case-sensitive.

• Microsoft Management Console (MMC) Version 1.1, which ships with NetCrusader/CORBA, is required for proper operation of the NetCrusader Commander. If you are running an earlier version of MMC, you must upgrade to Version 1.1.

• When using Commander, do not remove the admin principal from the Manage Policies list on the Domain Access Policy properties page. This includes adding the admin principal to the View Policies list, because doing so removes admin from the Manage Policies list.

  Removing the administrator from the Manage Policies list leaves the administrator without management rights, and you will not be able to re-assign them.

• Access policies are stored with internal ID's that uniquely identify users and groups. You cannot gain access to a CORBA server by replacing a user or group with a new user or group with the same name. If you need to delete a user or group, you must remove the user or group from all access policies before adding a new user or group that has the same name as the deleted entry.

With the exception of the Release Notes (this document), the documents for Entegrity NetCrusader/CORBA 1.1 and 1.0.1 use the documents labeled Gradient NetCrusader/CORBA 1.0.

NetCrusader/CORBA ships with the following documentation:

• NetCrusader/CORBA Installation and Operation Guide — Contains installation instructions, describes how to begin using NetCrusader Commander to configure your environment, includes instructions on how to tell your application to call the NetCrusader/CORBA ORB service, and describes how the NetCrusader/CORBA integration with SSL works.

• NetCrusader/CORBA Overview Guide — Provides a description of the product and its features and an overview of how the product works.

• NetCrusader/CORBA Application Developer's Guide — Describes how to implement the Application Programmer's Interfaces that NetCrusader/CORBA supports.

• NetCrusader/CORBA Release Notes (this document)

You can find these documents in both HTML and PDF formats on the Entegrity distribution CD. To access the documentation, use a web browser to open index.htm in the doclib directory. The documents are also available on the Entegrity web site at http://www.entegrity.com.

NetCrusader Commander, the graphical program for managing the secure environment, includes an online help system.

7. Obtaining Technical Support

If you purchased NetCrusader/CORBA from Entegrity Solutions, you are entitled to 30 days of limited technical support beginning on the day the product is expected to arrive.

You may also purchase a support plan that entitles you to additional services. You must register prior to receiving this support. For details, refer to the customer support information package that accompanied your shipment or refer to the Technical Support area of http://support.entegrity.com. The Web site also contains online forms for easy registration.

If you purchased NetCrusader/CORBA from a reseller, please contact the reseller for information on obtaining technical support.

Contacting Entegrity Solutions

See the contact information on our web site: http://www.entegrity.com/corporate/offices.shtml