
SecurityReplaceable.idl

00001 #ifndef _SECURITY_REPLACEABLE_IDL_
00002 #define _SECURITY_REPLACEABLE_IDL_
00003 
00004 #include <SecurityLevel2.idl>
00005 
00006 #pragma prefix "omg.org"
00007 
00008 module SecurityReplaceable
00009 {
         // Replaceable security-service interfaces: Vault, the SecurityContext
         // family, RequiredRights, AuditChannel, AuditDecision and AccessDecision.
         // Every interface declared here is `local` except RequiredRights.
         // NOTE(review): the names and the "omg.org" prefix suggest this mirrors the
         // OMG CORBA Security Service replaceable module -- confirm the spec revision.

         // Forward declarations: Vault's operations name the client and server
         // context types before they are defined further down.
00010    local interface SecurityContext;
00011    local interface ClientSecurityContext;
00012    local interface ServerSecurityContext;
00013 
00014    local interface Vault
00015    {
            // Entry point for acquiring credentials and for creating the
            // client-side and server-side security contexts declared below.

            // Returns the authentication methods available for `mechanism`.
00016       Security::AuthenticationMethodList get_supported_authen_methods
00017          (in Security::MechanismType mechanism);
00018 
            // Read-only list of mechanism OIDs.
00019       readonly attribute Security::OIDList supported_mech_oids;
00020 
            // Starts credential acquisition for `security_name` with the given
            // `method` and `mechanism`; outputs `creds`, `continuation_data` and
            // `auth_specific_data`.
            // No raises clause is declared: the outcome is reported through the
            // returned AuthenticationStatus, so callers must check it before
            // using `creds`.
            // `auth_data` is an untyped `any`; an implementation has to verify the
            // contained type itself. Presumably it carries the authentication
            // secret, so it should stay out of logs and audit records -- confirm.
00021       Security::AuthenticationStatus acquire_credentials
00022       (
00023          in Security::AuthenticationMethod method, 
00024          in Security::MechanismType mechanism,
00025          in Security::SecurityName security_name,
00026          in any auth_data,
00027          in Security::AttributeList privileges,
00028          out SecurityLevel2::Credentials creds,
00029          out any continuation_data,
00030          out any auth_specific_data
00031       );
00032 
            // Follow-up step for an acquisition on `creds`: takes `response_data`
            // and yields new `continuation_data` / `auth_specific_data`.
            // Presumably called while acquire_credentials reports that further
            // steps are needed -- confirm against Security::AuthenticationStatus.
00033       Security::AuthenticationStatus continue_credentials_acquisition
00034       (
00035          in any response_data,
00036          in SecurityLevel2::Credentials creds,
00037          out any continuation_data,
00038          out any auth_specific_data
00039       );
00040 
            // create_ior_components is declared only when none of VISIBROKER50,
            // VISIBROKER51, VISIBROKER52 and VISIBROKER60 is defined.
            // Note: the parameter is named `creds_list` but is typed as a single
            // SecurityLevel2::Credentials.
00041 #ifndef VISIBROKER50
00042 #ifndef VISIBROKER51
00043 #ifndef VISIBROKER52
00044 #ifndef VISIBROKER60
00045       IOP::TaggedComponentSeq create_ior_components
00046          (in SecurityLevel2::Credentials creds_list);
00047 #endif
00048 #endif
00049 #endif
00050 #endif
00051 
            // Client side: creates a ClientSecurityContext towards `target` /
            // `target_security_name` from `creds` and also outputs
            // `security_token`. Check the returned AssociationStatus before
            // using `security_context`.
            // NOTE(review): `chan_binding` presumably ties the context to the
            // underlying transport channel; an empty value would drop that tie --
            // confirm how this ORB fills it.
00052       Security::AssociationStatus init_security_context
00053       (
00054          in SecurityLevel2::Credentials creds,
00055          in Security::SecurityName target_security_name,
00056          in Object target,
00057          in Security::DelegationMode delegation_mode,
00058          in Security::OptionsDirectionPairList association_options,
00059          in Security::MechanismType mechanism,
00060          in Security::Opaque comp_data,
00061          in Security::ChannelBindings chan_binding,
00062          out Security::OpaqueBuffer security_token,
00063          out ClientSecurityContext security_context
00064       );
00065 
            // Server side: consumes `in_token`, outputs `out_token` and a
            // ServerSecurityContext. Check the returned AssociationStatus before
            // using `security_context`.
            // `in_token` is an opaque buffer, presumably produced by the remote
            // peer: implementations should bound-check and fully validate it
            // before acting on its contents.
            // The parameter is spelled `chan_bindings` here but `chan_binding`
            // in init_security_context.
00066       Security::AssociationStatus accept_security_context
00067       (
00068          in SecurityLevel2::CredentialsList creds_list,
00069          in Security::ChannelBindings chan_bindings,
00070          in Security::OpaqueBuffer in_token,
00071          out Security::OpaqueBuffer out_token,
00072          out ServerSecurityContext security_context
00073       );
00074 
            // Returns the supported mechanisms as a Security::MechandOptionsList.
00075       Security::MechandOptionsList get_supported_mechs ();
00076    };
00077 
00078    local interface SecurityContext
00079    {
            // Common base of ClientSecurityContext and ServerSecurityContext,
            // which both inherit from it below.

            // Read-only state of the context.
00080       readonly attribute Security::SecurityContextType context_type;
00081       readonly attribute Security::SecurityContextState context_state;
00082       readonly attribute Security::MechanismType mechanism;
00083       readonly attribute boolean supports_refresh;
00084       readonly attribute Security::ChannelBindings chan_binding;
00085       readonly attribute SecurityLevel2::ReceivedCredentials received_credentials;
00086 
            // Feeds `in_token` into the context and yields `out_token`; the
            // returned AssociationStatus reports the outcome.
            // Presumably used for multi-leg context establishment -- confirm.
00087       Security::AssociationStatus continue_security_context
00088       (
00089          in Security::OpaqueBuffer in_token,
00090          out Security::OpaqueBuffer out_token
00091       );
00092 
            // Takes `message` and a requested `qop`; outputs `text_buffer` and
            // `token`. Returns void and declares no raises clause, so a failure
            // can surface only as a CORBA system exception.
00093       void protect_message
00094       (
00095          in Security::OpaqueBuffer message,
00096          in Security::QOP qop,
00097          out Security::OpaqueBuffer text_buffer,
00098          out Security::OpaqueBuffer token
00099       );
00100 
            // Opposite direction: takes `text_buffer` and `token`; outputs `qop`
            // and `message`.
            // Callers must check the boolean result before trusting `message`
            // (presumably false means the protection check failed -- confirm)
            // and should compare the reported `qop` with the protection level
            // their policy requires.
00101       boolean reclaim_message
00102       (
00103          in Security::OpaqueBuffer text_buffer,
00104          in Security::OpaqueBuffer token,
00105          out Security::QOP qop,
00106          out Security::OpaqueBuffer message
00107       );
00108 
            // Reports validity as a boolean and outputs `expiry_time`.
00109       boolean is_valid (out Security::UtcT expiry_time);
            // Takes `refresh_data` (an untyped `any`) and outputs `out_token`.
00110       boolean refresh_security_context
00111       (
00112          in any refresh_data,
00113          out Security::OpaqueBuffer out_token
00114       );
            // Consumes a `refresh_token`; presumably the peer's output of
            // refresh_security_context -- confirm.
00115       boolean process_refresh_token (in Security::OpaqueBuffer refresh_token);
            // Takes `discard_data` and outputs `out_token`. Note `discard_data` is
            // Security::Opaque while the tokens are Security::OpaqueBuffer.
00116       boolean discard_security_context
00117       (
00118          in Security::Opaque discard_data,
00119          out Security::OpaqueBuffer out_token
00120       );
            // Consumes a `discard_token`; presumably the peer's output of
            // discard_security_context -- confirm.
00121       boolean process_discard_token (in Security::OpaqueBuffer discard_token);
00122    };
00123 
00124    local interface ClientSecurityContext : SecurityContext
00125    {
            // Client-side view of a context: read-only attributes only.
            // Shares five attribute names with ServerSecurityContext; `comp_data`
            // and `client_credentials` are specific to this interface.
00126       readonly attribute Security::AssociationOptions association_options_used;
00127       readonly attribute Security::DelegationMode delegation_mode;
00128       readonly attribute Security::Opaque comp_data;
00129       readonly attribute SecurityLevel2::Credentials client_credentials;
00130       readonly attribute Security::AssociationOptions server_options_supported;
00131       readonly attribute Security::AssociationOptions server_options_required;
00132       readonly attribute Security::Opaque server_security_name;
00133    };
00134 
00135    local interface ServerSecurityContext : SecurityContext
00136    {
            // Server-side view of a context: read-only attributes only.
            // `server_credentials` is specific to this interface; there is no
            // `comp_data` attribute here.
00137       readonly attribute Security::AssociationOptions association_options_used;
00138       readonly attribute Security::DelegationMode delegation_mode;
00139       readonly attribute SecurityLevel2::Credentials server_credentials;
00140       readonly attribute Security::AssociationOptions server_options_supported;
00141       readonly attribute Security::AssociationOptions server_options_required;
00142       readonly attribute Security::Opaque server_security_name;
00143    };
00144 
00145    interface RequiredRights
00146    {
            // The only interface in this module not declared `local`, so its
            // object reference can be passed around and invoked remotely.
            // NOTE(review): set_required_rights presumably changes the rights
            // used for authorization decisions; confirm how the ORB restricts
            // who may invoke it.

            // Outputs the `rights` and `rights_combinator` recorded for
            // `operation_name` on `interface_name`.
00147       void get_required_rights
00148       (
00149          in CORBA::Identifier operation_name,
00150          in CORBA::RepositoryId interface_name,
00151          out Security::RightsList rights,
00152          out Security::RightsCombinator rights_combinator
00153       );
00154 
            // Takes the `rights` and `rights_combinator` for `operation_name` on
            // `interface_name`. Returns void with no raises clause, so a rejected
            // update can surface only as a CORBA system exception.
00155       void set_required_rights
00156       (
00157          in CORBA::Identifier operation_name,
00158          in CORBA::RepositoryId interface_name,
00159          in Security::RightsList rights,
00160          in Security::RightsCombinator rights_combinator
00161       );
00162    };
00163 
00164    local interface AuditChannel
00165    { 
            // Takes one audit event: type, credentials, time, selector values and
            // opaque event data. Returns void with no raises clause, so a failed
            // write can surface only as a CORBA system exception.
            // `time` is an `in` parameter, i.e. supplied by the caller; the record's
            // timestamp is only as trustworthy as that caller.
00166       void audit_write
00167       (
00168          in Security::AuditEventType event_type,
00169          in SecurityLevel2::CredentialsList creds_list,
00170          in Security::UtcT time,
00171          in Security::SelectorValueList descriptors,
00172          in Security::Opaque event_specific_data
00173       );
00174 
            // Read-only identifier of this channel.
00175       readonly attribute Security::AuditChannelId audit_channel_id;
00176    };
00177 
00178    local interface AuditDecision
00179    {
            // Returns a boolean for `event_type` and `value_list`; presumably true
            // means the event should be written to `audit_channel` -- confirm.
00180       boolean audit_needed
00181       (
00182          in Security::AuditEventType event_type,
00183          in Security::SelectorValueList value_list
00184       );
00185 
            // Read-only reference to the associated AuditChannel.
00186       readonly attribute AuditChannel audit_channel;
00187    };
00188 
00189    local interface AccessDecision
00190    {
            // Returns a boolean decision from exactly three inputs: the credentials
            // list, the operation name and the target interface name. No
            // target-object parameter is passed.
            // `target_interface_name` is a CORBA::Identifier, whereas
            // RequiredRights takes `interface_name` as a CORBA::RepositoryId --
            // confirm which form callers pass before comparing the two.
            // Callers should fail closed: treat an exception from this call as a
            // denial.
00191       boolean access_allowed
00192       (
00193          in SecurityLevel2::CredentialsList cred_list,
00194          in CORBA::Identifier operation_name,
00195          in CORBA::Identifier target_interface_name
00196       );
00197    };
00198 };
00199 
00200 #endif