-
Key: SEC14-43
-
Legacy Issue Number: 2958
-
Status: open
-
Source: Syracuse University ( Polar Humenn)
-
Summary:
The Security Replaceablity interfaces are deficient in the aspect of
creating the correct components for the IIOP profile of the IOR for the
specified credentials.The Vault::init_security_context, takes a parameter, mech_data, which is
the data component of the tagged component that was selected by the ORB
from the IOR for which the mechanism that was used in starting the secure
association.However, analogously on the accepting side, there is no way to create a
tagged component for use in the IOR! Adding functionality to the vault
will complete the security replaceablity and fill this hole.I suggest to add the following definitions to Security Replaceable.
#include <IOP.idl>
typedef sequence<IOP:TaggedComponent> TaggedComponentList;
interface Vault
{ TaggedComponentList create_iiop_components( in SecurityLevel2::CredentialsList creds_list ); };
The Vault produces the correct IOP tagged components for the set of
credentials specified that will be placed in the IIOP profile.There is no definite 1 to 1 correlation between the credentials in the
given list and the tagged components generated. The vault may determine
that some credentials are redundant, irrelevant, or take precedence over
other credentials. -
Reported: SEC 1.4 — Tue, 26 Oct 1999 04:00 GMT
-
Updated: Fri, 6 Mar 2015 20:58 GMT
SEC14 — Security: Need to complete SecurityReplaceable
- Key: SEC14-43
- OMG Task Force: Security 1.4 RTF