Borland VisiBroker® 7.0 - Borland Technical Publications
Borland VisiBroker® 7.0 - Borland Technical Publications Borland VisiBroker® 7.0 - Borland Technical Publications
vbsec::IdentityAdapterExceptionsArgumentsReturnsExceptionsArgumentsExceptionsArgumentsReturnsExceptionsArgumentsReturnsExceptionsArgumentsExceptionsArgumentsExceptionsnonevirtual ::CSI::IdentityToken* exportIdentity(::vbsec::Subject&,::CSI::IdentityToken&) =0;Exports the identity of the IdentityAdapter as an IdentityToken.The subject whose identity is to be exported.An IdentityToken data.Throws NoCredentialsException if no credentials recognized by this IdentityAdapterare found in the subject.virtual void importIdentity (::vbsec::Subject&, ::CSI::IdentityToken&) =0;Imports the IdentityToken and populates the caller subject with the appropriateprincipals associated with this identity.The subject whose identity is to be imported.Throws NoCredentialsException if no credentials recognized by this IdentityAdapterare found in the subject.virtual ::vbsec::Privileges* getPrincipal (::vbsec::Subject&anp;) =0;Returns a Principal representing this identity. This method is used for interfacing withEJBs and servlets.The principal subject.A principle object.nonevirtual ::vbsec::Privileges* getPrivileges (::vbsec::Subect&) =0;The target subject.The privilege attributes for this target subject recognized by this IdentityAdapter.nonevirtual ::vbsec::setPrivileges (::vbsec::Privileges*) =0;This methods sets the privilege attribute for the identity.The privilege attribute to be set for the identity.nonevirtual void deleteIdentity (::vbsec::Subject&) =0;This method deletes the principals and the credentials associated with the specifiedtarget subject.The target subject for which the principals and the credentials recognized by thisIdentityAdapter are to be deleted.nonevbsec::MechanismAdapterExtending from IdentityAdapter, a MechanismAdapter has the additional capability ofchanging the target information. This is very useful in the case where the mechanismused in a remote site is not available locally. Therefore, the local identity must beadapted before sending to the remote site.In the out-of-box installation of VisiSecure, there is no class direct implementation ofMechanismAdapter, while a few classes implement the sub-interfaceAuthenticationMechanism, which in turn gives the support of this interface.122 VisiBroker Security Guide
vbsec::AuthenticationMechanismsMethodsReturnsExceptionsArgumentsReturnsExceptionsArgumentsReturnsExceptionsvirtual const ::CSI::StringOID_var getOid() const =0;Returns a string representation of the mechanism OID. For example, the stringrepresentation for a GSSUP mechanism would be oid:2.23.130.1.1.1.The mechanism OID string.nonevirtual ::vbsec::Target* getTarget (const std::string& realm, conststd::vector&) =0;Given a realm name and a list of AppConfigurationEntry objects, returns thecorresponding target.This method takes the following two arguments:■■A realm name.A list of AppConfigurationEntry objects.Returns the corresponding target object.nonevirtual ::vbsec::Target* getTarget (const ::CSI::GSS_NT_ExportedName&) =0;Returns a Target object representing the encoded target representation.A Target encoded in GSS Mechanism-Independent Exported Name format (as definedin [IETF RFC2743]).A Target object.nonevbsec::AuthenticationMechanismsThis class represents a full-fledged mechanism which provides all the functionalityneeded to support an authentication mechanism in conjunction with the CSIv2protocol.Included with VisiSecure are the following implementations for GSSUP based andX509 Certificate based authentication mechanisms respectively:■GSSUPAuthenticationMechanism■X509CertificateAdapterIn addition to the methods inherited from its super interfaces, AuthenticationMechanismalso has the following categories of methods defined.Credential-related methodsUse these methods to acquire and/or destroy credentials.virtual ::vbsec::Subject* acquireCredentials (::vbsec::Target&,::vbsec::CallbackHandler*) =0;Chapter 12: Security SPI for C++ 123
- Page 77 and 78: Chapter7Making Secure Connections (
- Page 79 and 80: Steps to secure clients and servers
- Page 81 and 82: Creating Custom PluginsLoginModules
- Page 83 and 84: ChapterChapter8Security for the Web
- Page 85 and 86: Security for the Apache web serverC
- Page 87 and 88: Enabling certificate passthrough to
- Page 89 and 90: Security for the Borland web contai
- Page 91 and 92: Three-tier authorization schemeNote
- Page 93 and 94: Chapter9Security Properties for Jav
- Page 95 and 96: Security Properties for JavaPropert
- Page 97 and 98: Chapter10Security Properties for C+
- Page 99 and 100: Security Properties for C++Property
- Page 101 and 102: Chapter11VisiSecure for C++ APIsCha
- Page 103 and 104: General APIUse this to login to the
- Page 105 and 106: General APISets the cipher suites t
- Page 107 and 108: General APIReturnsA set of the publ
- Page 109 and 110: SSL APISSL APIThis section explains
- Page 111 and 112: SSL APIclass CipherSuiteNameThis cl
- Page 113 and 114: SSL APIExceptionsCORBA::BAD_OPERATI
- Page 115 and 116: Certificate APICertificate APIThis
- Page 117 and 118: Certificate APIclass CORBAsec::X509
- Page 119 and 120: QoP APIQoP APIThe following section
- Page 121 and 122: Authorization APIAuthorization APIT
- Page 123 and 124: ChapterChapter12Security SPIfor C++
- Page 125 and 126: ProvidersProvidersTable 12.1Each pr
- Page 127: vbsec::CallbackHandlervbsec::Callba
- Page 131 and 132: vbsec::TargetReturnsExceptionsArgum
- Page 133 and 134: vbsec::Resourcevbsec::ResourceThe R
- Page 135 and 136: vbsec::AttributeCodecFor the provid
- Page 137 and 138: vbsec::PermissionCollectionvbsec::P
- Page 139 and 140: vbsec::InitOptionsvbsec::InitOption
- Page 141 and 142: IndexSymbols... ellipsis 4.defaultA
- Page 143 and 144: Iidentitiessetting up 36setting up
- Page 145 and 146: security (C++)AttributeCodec 119, 1
- Page 147 and 148: VisiSecure APIs (C++) 95VisiSecure
vbsec::AuthenticationMechanismsMethodsReturnsExceptionsArgumentsReturnsExceptionsArgumentsReturnsExceptionsvirtual const ::CSI::StringOID_var getOid() const =0;Returns a string representation of the mechanism OID. For example, the stringrepresentation for a GSSUP mechanism would be oid:2.23.130.1.1.1.The mechanism OID string.nonevirtual ::vbsec::Target* getTarget (const std::string& realm, conststd::vector&) =0;Given a realm name and a list of AppConfigurationEntry objects, returns thecorresponding target.This method takes the following two arguments:■■A realm name.A list of AppConfigurationEntry objects.Returns the corresponding target object.nonevirtual ::vbsec::Target* getTarget (const ::CSI::GSS_NT_ExportedName&) =0;Returns a Target object representing the encoded target representation.A Target encoded in GSS Mechanism-Independent Exported Name format (as definedin [IETF RFC2743]).A Target object.nonevbsec::AuthenticationMechanismsThis class represents a full-fledged mechanism which provides all the functionalityneeded to support an authentication mechanism in conjunction with the CSIv2protocol.Included with VisiSecure are the following implementations for GSSUP based andX509 Certificate based authentication mechanisms respectively:■GSSUPAuthenticationMechanism■X509CertificateAdapterIn addition to the methods inherited from its super interfaces, AuthenticationMechanismalso has the following categories of methods defined.Credential-related methodsUse these methods to acquire and/or destroy credentials.virtual ::vbsec::Subject* acquireCredentials (::vbsec::Target&,::vbsec::CallbackHandler*) =0;Chapter 12: Security SPI for C++ 123