SecurityLevel2.idl

00001 // -*- IDL -*-
00002 //
00003 // SecurityLevel2.idl,v 1.9 2004/08/18 00:35:31 jtc Exp
00004 
00005 
00006 #ifndef _SECURITY_LEVEL_2_IDL_
00007 #define _SECURITY_LEVEL_2_IDL_
00008 
00009 #include <orbsvcs/SecurityLevel1.idl>
00010 
00011 #pragma prefix "omg.org"
00012 
00013 module SecurityLevel2 {
00014 
00015 # pragma version SecurityLevel2 1.8
00016 
00017   // Forward declaration of interfaces
00018   local interface PrincipalAuthenticator;
00019   local interface Credentials;
00020   local interface Current;
00021 
00022   // Interface PrincipalAuthenticator
00023   local interface PrincipalAuthenticator {
00024 #   pragma version PrincipalAuthenticator 1.8
00025 
00026     Security::AuthenticationMethodList
00027     get_supported_authen_methods(
00028       in Security::MechanismType             mechanism
00029     );
00030 
00031     Security::AuthenticationStatus authenticate (
00032       in   Security::AuthenticationMethod    method,
00033       in   Security::MechanismType           mechanism,
00034       in   Security::SecurityName            security_name,
00035       in   any                               auth_data,
00036       in   Security::AttributeList           privileges,
00037       out  Credentials                       creds,
00038       out  any                               continuation_data,
00039       out  any                               auth_specific_data
00040     );
00041 
00042     Security::AuthenticationStatus continue_authentication (
00043       in   any                               response_data,
00044       in   Credentials                       creds,
00045       out  any                               continuation_data,
00046       out  any                               auth_specific_data
00047     );
00048   };
00049 
00050 
00051   // Interface Credentials
00052   local interface Credentials {
00053 #   pragma version Credentials 1.8
00054 
00055     Credentials copy ();
00056 
00057     void destroy();
00058 
00059     readonly attribute Security::InvocationCredentialsType
00060       credentials_type;
00061 
00062     readonly attribute Security::AuthenticationStatus
00063       authentication_state;
00064 
00065     readonly attribute Security::MechanismType mechanism;
00066 
00067     attribute Security::AssociationOptions
00068       accepting_options_supported;
00069 
00070     attribute Security::AssociationOptions
00071       accepting_options_required;
00072 
00073     attribute Security::AssociationOptions
00074       invocation_options_supported;
00075 
00076     attribute Security::AssociationOptions
00077       invocation_options_required;
00078 
00079     boolean get_security_feature (
00080       in Security::CommunicationDirection direction,
00081       in Security::SecurityFeature feature
00082     );
00083 
00084     boolean set_attributes (
00085       in Security::AttributeList   requested_attributes,
00086       out Security::AttributeList  actual_attributes
00087     );
00088 
00089     Security::AttributeList get_attributes (
00090       in Security::AttributeTypeList attributes
00091     );
00092 
00093     boolean is_valid (out Security::UtcT expiry_time);
00094 
00095     boolean refresh (in any refresh_data);
00096 
00097   };
00098 
00099   typedef sequence <Credentials>  CredentialsList;
00100 
00101   local interface ReceivedCredentials : Credentials {
00102 
00103 #   pragma version ReceivedCredentials 1.8
00104 
00105     readonly attribute Credentials accepting_credentials;
00106 
00107     readonly attribute Security::AssociationOptions
00108       association_options_used;
00109 
00110     readonly attribute Security::DelegationState delegation_state;
00111 
00112     readonly attribute Security::DelegationMode  delegation_mode;
00113 
00114   };
00115 
00116   local interface TargetCredentials : Credentials {
00117 
00118 #   pragma version TargetCredentials 1.8
00119 
00120     readonly attribute Credentials    initiating_credentials;
00121 
00122     readonly attribute Security::AssociationOptions
00123       association_options_used;
00124 
00125   };
00126 
00127   // RequiredRights Interface
00128   interface RequiredRights {
00129 
00130     void get_required_rights(
00131       in   Object                             obj,
00132       in   CORBA::Identifier                  operation_name,
00133       in   CORBA::RepositoryId                interface_name,
00134       out  Security::RightsList               rights,
00135       out  Security::RightsCombinator         rights_combinator
00136     );
00137 
00138     void set_required_rights(
00139       in   CORBA::Identifier                  operation_name,
00140       in   CORBA::RepositoryId                interface_name,
00141       in   Security::RightsList               rights,
00142       in   Security::RightsCombinator         rights_combinator
00143     );
00144   };
00145 
00146 
00147   // interface audit channel
00148   local interface AuditChannel {
00149 
00150 # pragma version AuditChannel 1.8
00151 
00152     void audit_write (
00153       in   Security::AuditEventType            event_type,
00154       in   CredentialsList                     creds,
00155       in   Security::UtcT                      time,
00156       in   Security::SelectorValueList         descriptors,
00157       in   any                                 event_specific_data
00158     );
00159 
00160     readonly attribute Security::AuditChannelId audit_channel_id;
00161 
00162   };
00163 
00164 
00165   // interface for Audit Decision
00166   local interface AuditDecision {
00167 
00168 #   pragma version AuditDecision 1.8
00169 
00170     boolean audit_needed (
00171       in   Security::AuditEventType            event_type,
00172       in   Security::SelectorValueList         value_list
00173     );
00174 
00175     readonly attribute AuditChannel audit_channel;
00176 
00177   };
00178 
00179 
00180   local interface AccessDecision {
00181 
00182 #   pragma version AccessDecision 1.8
00183 
00184     boolean access_allowed (
00185       in   SecurityLevel2::CredentialsList     cred_list,
00186       in   Object                              target,
00187       in   CORBA::Identifier                   operation_name,
00188       in   CORBA::Identifier                   target_interface_name
00189     );
00190   };
00191 
00192 
00193   // Policy interfaces to control bindings
00194 
00195   local interface QOPPolicy : CORBA::Policy {
00196 #   pragma version QOPPolicy 1.8
00197     readonly attribute Security::QOP           qop;
00198 
00199   };
00200 
00201   local interface MechanismPolicy : CORBA::Policy {
00202 #   pragma version MechanismPolicy 1.8
00203     readonly attribute Security::MechanismTypeList mechanisms;
00204   };
00205 
00206   local interface InvocationCredentialsPolicy : CORBA::Policy {
00207 #   pragma version InvocationCredentialsPolicy 1.8
00208     readonly attribute CredentialsList creds;
00209   };
00210 
00211   local interface EstablishTrustPolicy : CORBA::Policy {
00212 #   pragma version EstablishTrustPolicy 1.8
00213     readonly attribute Security::EstablishTrust trust;
00214   };
00215 
00216   local interface DelegationDirectivePolicy : CORBA::Policy {
00217 #   pragma version DelegationDirectivePolicy 1.8
00218     readonly attribute Security::DelegationDirective delegation_directive;
00219   };
00220 
00221   local interface SecurityManager {
00222 
00223 #   pragma version SecurityManager 1.8
00224 
00225     // Process/Capsule/ORB Instance specific operations
00226 
00227     readonly attribute Security::MechandOptionsList
00228       supported_mechanisms;
00229 
00230     readonly attribute CredentialsList own_credentials;
00231 
00232     readonly attribute RequiredRights
00233       required_rights_object;
00234 
00235     readonly attribute PrincipalAuthenticator
00236       principal_authenticator;
00237 
00238     readonly attribute AccessDecision
00239       access_decision;
00240 
00241     readonly attribute AuditDecision
00242       audit_decision;
00243 
00244     TargetCredentials get_target_credentials (
00245       in Object obj_ref
00246     );
00247 
00248     void remove_own_credentials(
00249       in Credentials creds
00250     );
00251 
00252     CORBA::Policy get_security_policy (
00253       in CORBA::PolicyType policy_type
00254     );
00255   };
00256 
00257   // Interface Current derived from SecurityLevel1::Current providing
00258   // additional operations on Current at this security level.
00259   // This is implemented by the ORB
00260   local interface Current : SecurityLevel1::Current {
00261 
00262 #    pragma version Current 1.8
00263 
00264     // Thread specific
00265 
00266     readonly attribute ReceivedCredentials received_credentials;
00267 
00268   };
00269 
00270 };
00271 
00272 #pragma prefix ""
00273 
00274 #endif /* _SECURITY_LEVEL_2_IDL_ */
