Module SecLev2


Interface Index

ConstructionPolicy
The Credentials placed in this policy object can either be own credentials Or Receieved Credentials (only if they have delegation capability).
Current
ORBAsec extensions to SecurityLevel2::Current
InteroperabilityPolicy
The Policy with one states to ignore some characteristics of some interoperability concerns.
TrustedAuthorityPolicy
This policy says what enities from which the security service will accept validated principal names.

Constant Index

SecConstructionPolicy
SecInteroperabilityPolicy
SecTrustedAuthorityPolicy

Struct Index

TrustedAuthority
This structure is used as an element of the Trusted Authority Policy.
TrustedAuthorityPolicyContent
This structure is used to be the contents of a Trusted Authority Policy.

Alias Index

TrustedAuthorityList

Constants

SecConstructionPolicy
const CORBA::PolicyType SecConstructionPolicy = 1001;
SecInteroperabilityPolicy
const CORBA::PolicyType SecInteroperabilityPolicy = 1002;
SecTrustedAuthorityPolicy
const CORBA::PolicyType SecTrustedAuthorityPolicy = 1000;

Structs

TrustedAuthority
struct TrustedAuthority
{
    Security::MechanismType mechanism;
    Security::Opaque security_name;
    long auth_distance;
};

This structure is used as an element of the Trusted Authority Policy.

This structure associates a mechanism type with a security name and a authentication distance.

The type of the security name is a sequence of octets. However, it must be in a special format according to the API workings of ORBAsec SL2. (See the orbasec.Name or orbasec.corba.Name class defintion for details on how to use these encodings.)

The authentication distance is the distance, which is in a metric specific to the security mechanism, of the maximum distance the trusted authority is allowed from the authenticated principal.

Each security name has associated with it, a type, such as an X.500 directory name, a Kerberos Name, RFC822 email address, etc. ORBAsec provides a tool for encoding, decoding and creating these names so that the fit the definition.


TrustedAuthorityPolicyContent
struct TrustedAuthorityPolicyContent
{
    TrustedAuthorityList own_trusted_authorities;
    TrustedAuthorityList client_peer_trusted_authorities;
    TrustedAuthorityList server_peer_trusted_authorities;
};

This structure is used to be the contents of a Trusted Authority Policy. It contains the Trusted Authorities for authenticating own principals, client principals (if we are the server), and server principals (if we are the client).

This structure is given to orbasec::SecLev2::Current.create_trusted_authority_policy in order to create the policy. It may also be packaged up into an any given to create_policy when the ORB knows how to create these policies.



Aliases

TrustedAuthorityList
typedef sequence<TrustedAuthority> TrustedAuthorityList;

Generated by the ORBacus IDL-to-HTML translator (non-commercial)