
SecurityLevel2.idl

00001 #ifndef _SECURITY_LEVEL_2_IDL
00002 #define _SECURITY_LEVEL_2_IDL
00003 
00009 #include <SecurityLevel1.idl>
00010 
00011 #pragma prefix "omg.org"
00012 
// SecurityLevel2: application-facing security interfaces (authentication,
// credentials, required rights, audit, access decisions, security policies).
// All scalar and list types come from the Security module pulled in through
// SecurityLevel1.idl; their definitions are not visible in this file.
//
// NOTE(review): no operation in this module declares a `raises` clause, so
// failures are reported only through return values / out parameters or
// through CORBA system exceptions. Callers of the decision and authentication
// operations should treat any exception as a denial (fail closed).
module SecurityLevel2
{
    // Forward declarations, so the interfaces below can refer to each other
    // before their full definitions appear.
    local interface PrincipalAuthenticator;
    local interface Credentials;
    local interface Current;

    // Authenticates a principal and hands back the resulting Credentials.
    // Declared `local`: usable only inside the process that holds it.
    local interface PrincipalAuthenticator
    {
        // Returns the authentication methods available for `mechanism`.
        Security::AuthenticationMethodList get_supported_authen_methods(
            in Security::MechanismType mechanism);

        // Starts authentication of `security_name` with the given method and
        // mechanism, requesting `privileges`. The outcome is the returned
        // AuthenticationStatus; `creds`, `continuation_data` and
        // `auth_specific_data` are outputs.
        //
        // NOTE(review): `auth_data` is an untyped `any` and presumably carries
        // the authentication secret; implementations should keep it out of
        // logs and audit records. `creds` should be used only after the
        // returned status has been checked for success (confirm the status
        // values against Security::AuthenticationStatus).
        Security::AuthenticationStatus authenticate(
            in Security::AuthenticationMethod method,
            in Security::MechanismType mechanism,
            in Security::SecurityName security_name,
            in any auth_data,
            in Security::AttributeList privileges,
            out Credentials creds,
            out any continuation_data,
            out any auth_specific_data);

        // Supplies `response_data` for an authentication exchange that is
        // already in progress on `creds`, and returns the new status together
        // with further continuation and mechanism-specific data.
        Security::AuthenticationStatus continue_authentication(
            in any response_data,
            in Credentials creds,
            out any continuation_data,
            out any auth_specific_data);
    };

    // Security attributes and association options of one principal.
    // Declared `local`, so a Credentials reference is not passed to another
    // process as an object reference.
    local interface Credentials
    {
        // Returns a Credentials object derived from this one.
        // NOTE(review): whether the copy is independent of later changes to
        // the original is not stated here; confirm before relying on it.
        Credentials copy();

        // Discards this credentials object.
        // NOTE(review): presumably the object must not be used afterwards.
        void destroy();

        // Read-only description of the credentials.
        readonly attribute Security::InvocationCredentialsType credentials_type;
        readonly attribute Security::AuthenticationStatus authentication_state;
        readonly attribute Security::MechanismType mechanism;

        // The four association-option attributes are writable: any code that
        // holds the reference can change which protections are offered or
        // demanded when accepting or making invocations.
        // NOTE(review): clearing bits in a *_required attribute lowers the
        // protection that will be insisted on; limit which code may hold and
        // modify credentials.
        attribute Security::AssociationOptions accepting_options_supported;
        attribute Security::AssociationOptions accepting_options_required;
        attribute Security::AssociationOptions invocation_options_supported;
        attribute Security::AssociationOptions invocation_options_required;

        // Reports, as a boolean, the state of `feature` for the given
        // communication direction.
        boolean get_security_feature(
            in Security::CommunicationDirection direction,
            in Security::SecurityFeature feature);

        // Requests a set of attributes; `actual_attributes` returns what was
        // really set, so callers should inspect it instead of assuming the
        // request was honoured in full.
        // NOTE(review): the meaning of the boolean result is not defined in
        // this file; confirm against the specification in use.
        boolean set_attributes(
            in Security::AttributeList requested_attributes,
            out Security::AttributeList actual_attributes);

        // Returns the attributes of the requested types.
        Security::AttributeList get_attributes(
            in Security::AttributeTypeList attributes);

        // Validity check; `expiry_time` is an output.
        // NOTE(review): check the boolean result before every use of
        // long-lived credentials rather than caching it.
        boolean is_valid(out Security::UtcT expiry_time);

        // Attempts to renew the credentials using mechanism-specific
        // `refresh_data`.
        boolean refresh(in any refresh_data);
    };

    typedef sequence <Credentials> CredentialsList;

    // Credentials received with an incoming association, as seen by the
    // target side. Every attribute is read-only.
    local interface ReceivedCredentials : Credentials
    {
        readonly attribute Credentials accepting_credentials;
        readonly attribute Security::AssociationOptions association_options_used;
        readonly attribute Security::DelegationState delegation_state;
        readonly attribute Security::DelegationMode delegation_mode;
    };

    // Credentials describing a target, as seen by the initiating side.
    // Every attribute is read-only.
    local interface TargetCredentials : Credentials
    {
        readonly attribute Credentials initiating_credentials;
        readonly attribute Security::AssociationOptions association_options_used;
    };

    // Maps (operation, interface) pairs to the rights required to invoke them.
    //
    // NOTE(review): this is the only interface in the module that is NOT
    // declared `local`, so it can be exported and invoked through an ordinary
    // object reference. set_required_rights changes what is demanded of
    // callers; deployments should make sure that operation is itself covered
    // by access control and audit.
    interface RequiredRights
    {
        // Looks up the rights, and the rule for combining them, that are
        // required to call `operation_name` of `interface_name` on `obj`.
        void get_required_rights(
            in Object obj,
            in CORBA::Identifier operation_name,
            in CORBA::RepositoryId interface_name,
            out Security::RightsList rights,
            out Security::RightsCombinator rights_combinator);

        // Replaces the rights and combinator required for `operation_name` of
        // `interface_name`. Unlike the getter, it takes no object argument.
        void set_required_rights(
            in CORBA::Identifier operation_name,
            in CORBA::RepositoryId interface_name,
            in Security::RightsList rights,
            in Security::RightsCombinator rights_combinator);
    };

    // Destination for audit records.
    local interface AuditChannel
    {
        // Writes one audit record: event type, the credentials involved, a
        // timestamp, selector values and free-form event data.
        // NOTE(review): `event_specific_data` is an untyped `any`; callers
        // should not place authentication secrets in it.
        void audit_write(
            in Security::AuditEventType event_type,
            in CredentialsList creds,
            in Security::UtcT time,
            in Security::SelectorValueList descriptors,
            in any event_specific_data);

        readonly attribute Security::AuditChannelId audit_channel_id;
    };

    // Decides whether an event has to be audited, and exposes the channel
    // on which such events are recorded.
    local interface AuditDecision
    {
        // Returns whether an event of `event_type` with the given selector
        // values needs an audit record.
        boolean audit_needed(
            in Security::AuditEventType event_type,
            in Security::SelectorValueList value_list);

        readonly attribute AuditChannel audit_channel;
    };

    // Access control decision point.
    local interface AccessDecision
    {
        // Returns whether the principals described by `cred_list` may invoke
        // `operation_name` of `target_interface_name` on `target`.
        // NOTE(review): enforcement code should permit the call only on an
        // explicit `true`; a `false` result or any exception means deny.
        boolean access_allowed(
            in SecurityLevel2::CredentialsList cred_list,
            in Object target,
            in CORBA::Identifier operation_name,
            in CORBA::Identifier target_interface_name);
    };

    // The policy interfaces below each derive from CORBA::Policy and expose
    // one read-only value; none of them offers a setter.

    // Quality of protection applied to messages.
    local interface QOPPolicy : CORBA::Policy
    {
        readonly attribute Security::QOP qop;
    };

    // Security mechanisms that may be used.
    local interface MechanismPolicy : CORBA::Policy
    {
        readonly attribute Security::MechanismTypeList mechanisms;
    };

    // Credentials to be used when making invocations.
    local interface InvocationCredentialsPolicy : CORBA::Policy
    {
        readonly attribute CredentialsList creds;
    };

    // Trust establishment setting.
    // NOTE(review): presumably selects which side must be authenticated;
    // confirm against Security::EstablishTrust.
    local interface EstablishTrustPolicy : CORBA::Policy
    {
        readonly attribute Security::EstablishTrust trust;
    };

    // Delegation directive for the caller's credentials.
    local interface DelegationDirectivePolicy : CORBA::Policy
    {
        readonly attribute Security::DelegationDirective delegation_directive;
    };

    // Entry point to the process-wide security objects: supported mechanisms,
    // the process's own credentials, and the rights, authentication, access
    // and audit objects defined in this module.
    local interface SecurityManager
    {
        readonly attribute Security::MechandOptionsList supported_mechanisms;
        readonly attribute CredentialsList own_credentials;
        readonly attribute RequiredRights required_rights_object;
        readonly attribute PrincipalAuthenticator principal_authenticator;
        readonly attribute AccessDecision access_decision;
        readonly attribute AuditDecision audit_decision;

        // Returns the TargetCredentials associated with `obj_ref`.
        TargetCredentials get_target_credentials(in Object obj_ref);

        // Removes `creds` from the own-credentials list.
        // NOTE(review): removal from the list is not shown to destroy the
        // credentials object; call Credentials::destroy separately if needed.
        void remove_own_credentials(in Credentials creds);

        // Returns the security policy of the requested type.
        CORBA::Policy get_security_policy(in CORBA::PolicyType policy_type);
    };

    // Extends SecurityLevel1::Current with the credentials received on the
    // current invocation.
    local interface Current : SecurityLevel1::Current
    {
        readonly attribute ReceivedCredentials received_credentials;
    };
};
00192 
00193 #endif