Borland VisiBroker® 7.0 - Borland Technical Publications
Basic security model

The following figure displays the relationship among these domains.

Figure 2.1 Interaction Among Different Domains in VisiSecure

These three VisiSecure domains are closely related.

1 For authentication, you need an authentication realm. VisiBroker comes with a simple one, or you can use an existing supported realm, like an LDAP server.
2 For authorization, you need to set up roles, and associate users with those roles.
3 Then, you need to set up a resource domain, and grant access to the resources in that domain to certain roles.

Authentication realm (user domain)

An authentication realm, simply described, is a database of users. Each authentication realm describes a set of users and their associated credentials and privileges, such as the user's password and the groups to which the user belongs, respectively. Examples of authentication realms are: an NT domain, an NIS or yp database, or an LDAP server.

An authentication realm is defined both by the authentication technology it uses and by a set of configuration options that point to the source of the data. For example, if you are using LDAP, then the authentication realm specifies LDAP as the authentication protocol, specifies the name of the server, and specifies other configuration parameters. When you log on to a system, the system is authenticating you. For more information, see Chapter 3, “Authentication.”

Resource domain

A resource defines an application component that VisiSecure needs to protect. VisiSecure organizes resources into resource domains containing every resource in an application. This means every remote method or servlet that is exposed by a server is essentially a resource.

The application developer defines access control policies for access to resources in the application. These are defined in terms of roles. Roles provide a logical collection of permissions to access a set of resources. For more information, see Chapter 4, “Authorization.”

In addition, applications may choose to be more security aware and provide access control for more fine-grained resources such as fields, or access to external resources such as databases. The EJB and Servlet specifications provide standard deployment descriptor information that allows applications to define their access policies in terms of the set of roles required to access a given method.

Authorization domain

The authorization domain allows users to act in given roles. VisiSecure grants privileges to access resources based on these roles. When VisiBroker applications pass user identities from one application to another, the identity contains user information, and the permissions based on the specified roles. The caller's identity is then matched with the required rules to determine whether the caller satisfies the required rules. If the caller satisfies the rules, access is granted. Otherwise, access is denied. For more information, see Chapter 4, “Authorization.”

Distributed environments and VisiSecure SPI

For a distributed environment, in addition to the three domains that make up the basic security model, the following must be considered:

■ Distributed transmission of the authorization privileges
■ Assertion and trusting assertion

The VisiSecure Service Provider Interface (SPI) provides interfaces and classes to address secure transportation, assertion, and assertion trust. The transmission (or interoperability) is handled by the underlying CSIv2 implementation. Because the implementation of the SPI is closely bundled with the VisiBroker ORB, it cannot be separated from the core as a generic SPI for other languages.

Specifically, the VisiSecure SPI classes enable customization of your Security Service in the following:

■ Identification and Authentication
■ Authorization (or access control decision making)
■ Assertion trust

Managing authentication and authorization with JAAS

The Java Authentication and Authorization Service (JAAS) defines extensions that allow pluggable authorization and user-based authentication. This framework effectively separates the implementation of authentication from authorization, allowing greater flexibility and broader vendor support. The fine-grained access control capabilities allow application developers to control access to critical resources at the granularity level that makes the most sense.

Authentication and Identification

Authentication is the process of verifying that an entity (human user, service, component, and so on) is the one it claims to be. The authentication process includes:

1 acquiring credentials from the to-be-authenticated entity,
2 then verifying the credentials.

VisiSecure employs the JAAS framework to facilitate the interaction between the entities and the system.