📄 security.idl
字号:
// -*- IDL -*-
//
// Security.idl,v 1.11 2003/12/31 02:33:24 bala Exp
#ifndef _SECURITY_IDL_
#define _SECURITY_IDL_
#include <tao/Services.pidl>
#include <tao/TimeBase.pidl>
#include <orb.idl>
#include <tao/OctetSeq.pidl>
#pragma prefix "omg.org"
module Security {
#pragma version Security 1.8
typedef string SecurityName;
typedef sequence<octet> Opaque;
// Constant declarations for Security Service Options
const CORBA::ServiceOption SecurityLevel1 = 1;
const CORBA::ServiceOption SecurityLevel2 = 2;
const CORBA::ServiceOption NonRepudiation = 3;
const CORBA::ServiceOption SecurityORBServiceReady = 4;
const CORBA::ServiceOption SecurityServiceReady = 5;
const CORBA::ServiceOption ReplaceORBServices = 6;
const CORBA::ServiceOption ReplaceSecurityServices = 7;
const CORBA::ServiceOption StandardSecureInteroperability = 8;
const CORBA::ServiceOption DCESecureInteroperability = 9;
// Service options for Common Secure Interoperability
const CORBA::ServiceOption CommonInteroperabilityLevel0 = 10;
const CORBA::ServiceOption CommonInteroperabilityLevel1 = 11;
const CORBA::ServiceOption CommonInteroperabilityLevel2 = 12;
// Security mech types supported for secure association
const CORBA::ServiceDetailType SecurityMechanismType = 1;
// privilege types supported in standard access policy
const CORBA::ServiceDetailType SecurityAttribute = 2;
// extensible families for standard data types
struct ExtensibleFamily {
unsigned short family_definer;
unsigned short family;
};
typedef sequence<octet> OID;
typedef sequence<OID> OIDList;
// security attributes
typedef unsigned long SecurityAttributeType;
// other attributes; family = 0
const SecurityAttributeType AuditId = 1;
const SecurityAttributeType AccountingId = 2;
const SecurityAttributeType NonRepudiationId = 3;
// privilege attributes; family = 1
const SecurityAttributeType _Public = 1;
const SecurityAttributeType AccessId = 2;
const SecurityAttributeType PrimaryGroupId = 3;
const SecurityAttributeType GroupId = 4;
const SecurityAttributeType Role = 5;
const SecurityAttributeType AttributeSet = 6;
const SecurityAttributeType Clearance = 7;
const SecurityAttributeType Capability = 8;
struct AttributeType {
ExtensibleFamily attribute_family;
SecurityAttributeType attribute_type;
};
typedef sequence<AttributeType> AttributeTypeList;
struct SecAttribute {
AttributeType attribute_type;
OID defining_authority;
Opaque value;
// the value of this attribute can be
// decoded only with knowledge of defining authority
};
typedef sequence <SecAttribute> AttributeList;
// Authentication return status
enum AuthenticationStatus {
SecAuthSuccess,
SecAuthFailure,
SecAuthContinue,
SecAuthExpired
};
// Association return status
enum AssociationStatus {
SecAssocSuccess,
SecAssocFailure,
SecAssocContinue
};
// Authentication method
typedef unsigned long AuthenticationMethod;
typedef sequence<AuthenticationMethod> AuthenticationMethodList;
// Credential types
enum InvocationCredentialsType {
SecOwnCredentials,
SecReceivedCredentials,
SecTargetCredentials
};
// Declarations related to Rights
struct Right {
ExtensibleFamily rights_family;
string the_right;
};
typedef sequence <Right> RightsList;
enum RightsCombinator {
SecAllRights,
SecAnyRight
};
// Delegation related
enum DelegationState {
SecInitiator,
SecDelegate
};
enum DelegationDirective {
Delegate,
NoDelegate
};
// pick up from TimeBase
typedef TimeBase::UtcT UtcT;
typedef TimeBase::IntervalT IntervalT;
typedef TimeBase::TimeT TimeT;
// Security features available on credentials.
enum SecurityFeature {
SecNoDelegation,
SecSimpleDelegation,
SecCompositeDelegation,
SecNoProtection,
SecIntegrity,
SecConfidentiality,
SecIntegrityAndConfidentiality,
SecDetectReplay,
SecDetectMisordering,
SecEstablishTrustInTarget,
SecEstablishTrustInClient
};
// Quality of protection which can be specified
// for an object reference and used to protect messages
enum QOP {
SecQOPNoProtection,
SecQOPIntegrity,
SecQOPConfidentiality,
SecQOPIntegrityAndConfidentiality
};
// Type of SecurityContext
enum SecurityContextType {
SecClientSecurityContext,
SecServerSecurityContext
};
// Operational State of a Security Context
enum SecurityContextState {
SecContextInitialized,
SecContextContinued,
SecContextClientEstablished,
SecContextEstablished,
SecContextEstablishExpired,
SecContextExpired,
SecContextInvalid
};
struct ChannelBindings {
unsigned long initiator_addrtype;
CORBA::OctetSeq initiator_address;
unsigned long acceptor_addrtype;
CORBA::OctetSeq acceptor_address;
CORBA::OctetSeq application_data;
};
// For use with SecurityReplaceable
struct OpaqueBuffer {
Opaque buffer;
unsigned long startpos;
unsigned long endpos;
// startpos <= endpos
// OpaqueBuffer is said to be empty if startpos == endpos
};
// Association options which can be administered
// on secure invocation policy and used to
// initialize security context
typedef unsigned short AssociationOptions;
const AssociationOptions NoProtection = 1;
const AssociationOptions Integrity = 2;
const AssociationOptions Confidentiality = 4;
const AssociationOptions DetectReplay = 8;
const AssociationOptions DetectMisordering = 16;
const AssociationOptions EstablishTrustInTarget = 32;
const AssociationOptions EstablishTrustInClient = 64;
const AssociationOptions NoDelegation = 128;
const AssociationOptions SimpleDelegation = 256;
const AssociationOptions CompositeDelegation = 512;
// Flag to indicate whether association options being
// administered are the "required" or "supported" set
enum RequiresSupports {
SecRequires,
SecSupports
};
// Direction of communication for which
// secure invocation policy applies
enum CommunicationDirection {
SecDirectionBoth,
SecDirectionRequest,
SecDirectionReply
};
// security association mechanism type
typedef string MechanismType;
typedef sequence<MechanismType> MechanismTypeList;
// AssociationOptions-Direction pair
struct OptionsDirectionPair {
AssociationOptions options;
CommunicationDirection direction;
};
typedef sequence <OptionsDirectionPair> OptionsDirectionPairList;
// Delegation mode which can be administered
enum DelegationMode {
SecDelModeNoDelegation, // i.e. use own credentials
SecDelModeSimpleDelegation, // delegate received credentials
SecDelModeCompositeDelegation // delegate both
};
// Association options supported by a given mech type
struct MechandOptions {
MechanismType mechanism_type;
AssociationOptions options_supported;
};
typedef sequence <MechandOptions> MechandOptionsList;
// Attribute of the SecurityLevel2::EstablishTrustPolicy
struct EstablishTrust {
boolean trust_in_client;
boolean trust_in_target;
};
// Audit
typedef unsigned long AuditChannelId;
typedef unsigned short _EventType;
const _EventType AuditAll = 0;
const _EventType AuditPrincipalAuth = 1;
const _EventType AuditSessionAuth = 2;
const _EventType AuditAuthorization = 3;
const _EventType AuditInvocation = 4;
const _EventType AuditSecEnvChange = 5;
const _EventType AuditPolicyChange = 6;
const _EventType AuditObjectCreation = 7;
const _EventType AuditObjectDestruction = 8;
const _EventType AuditNonRepudiation = 9;
enum DayOfTheWeek {
Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday
};
enum AuditCombinator {
SecAllSelectors,
SecAnySelector
};
struct AuditEventType {
ExtensibleFamily event_family;
_EventType event_type;
};
typedef sequence <AuditEventType> AuditEventTypeList;
typedef unsigned long SelectorType;
const SelectorType InterfaceName = 1;
const SelectorType ObjectRef = 2;
const SelectorType Operation = 3;
const SelectorType Initiator = 4;
const SelectorType SuccessFailure = 5;
const SelectorType Time = 6;
const SelectorType DayOfWeek = 7;
// values defined for audit_needed and audit_write are:
// InterfaceName: CORBA::RepositoryId
// ObjectRef: object reference
// Operation: op_name
// Initiator: Credentials
// SuccessFailure: boolean
// Time: utc time on audit_write; time picked up from
// environment in audit_needed if required
// DayOfWeek: DayOfTheWeek
struct SelectorValue {
SelectorType selector;
any value;
};
typedef sequence <SelectorValue> SelectorValueList;
// Constant declaration for valid Security Policy Types
// General administrative policies
const CORBA::PolicyType SecClientInvocationAccess = 1;
const CORBA::PolicyType SecTargetInvocationAccess = 2;
const CORBA::PolicyType SecApplicationAccess = 3;
const CORBA::PolicyType SecClientInvocationAudit = 4;
const CORBA::PolicyType SecTargetInvocationAudit = 5;
const CORBA::PolicyType SecApplicationAudit = 6;
const CORBA::PolicyType SecDelegation = 7;
const CORBA::PolicyType SecClientSecureInvocation = 8;
const CORBA::PolicyType SecTargetSecureInvocation = 9;
const CORBA::PolicyType SecNonRepudiation = 10;
// Policies used to control attributes of a binding to a target
const CORBA::PolicyType SecMechanismsPolicy = 12;
const CORBA::PolicyType SecInvocationCredentialsPolicy = 13;
const CORBA::PolicyType SecFeaturePolicy = 14; // obsolete
const CORBA::PolicyType SecQOPPolicy = 15;
const CORBA::PolicyType SecDelegationDirectivePolicy = 38;
const CORBA::PolicyType SecEstablishTrustPolicy = 39;
};
#pragma prefix ""
#endif /* _SECURITY_IDL_ */
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -