Issue 1764: Security Context does not reveal client/server orientation. (sec-rev)

Source: (, )
Nature: Revision
Severity: Significant
Summary: Each security context, at least at the SECIOP/GIOP levels, has a client and target orientation. This is not reflected in the SecurityContext interface. Also, using the same context for both is misleading, in the sense that "received_credentials" does not make sense for a context on the client side.
Resolution:
Revised Text:
Actions taken:
August 2, 1998: received issue
November 13, 1998: closed issue
Discussion:

=====

Date: Sun, 2 Aug 1998 17:58:10 -0400
From: www
To: juergen@omg.org, web-incoming@omg.org
Subject: WWW Form output

Name: Polar Humenn
Company: Adiron, LLC
Email: polar@adiron.com
Notification: Yes
Specification: Services (Security)
Section: 15.7.2.3
Formal #: who-knows
Version: CORBAsec v1.2 Draft
Revision_Date: 5 jan 1998
Page: 15-151, 15-289
Nature: Revision
Severity: Significant

full_desc:
Security Context does not reveal client/server orientation.

Each security context, at least at the SECIOP/GIOP levels, has a client and target orientation. This is not reflected in the SecurityContext interface. Also, using the same context for both is misleading, in the sense that "received_credentials" does not make sense for a context on the client side:

PROPOSED Solution:

    enum SecurityContextType {
        ClientSecurityContext,
        ServerSecurityContext
    };

    // Context states are represented with integers so that
    // implementers may insert other states.
    typedef long SecurityContextState;
    const SecurityContextState SecContextInitialized = 100;
    const SecurityContextState SecContextContinued   = 200;
    const SecurityContextState SecContextEstablished = 300;
    const SecurityContextState SecContextInvalid     = 400;

    interface SecurityContext {
        readonly attribute SecurityContextType          context_type;
        readonly attribute SecurityContextState         context_state;
        readonly attribute Security::AssociationOptions options_supported;
        readonly attribute Security::AssociationOptions options_required;
        // Valid after state reaches Established
        readonly attribute Security::AssociationOptions options_used;
        readonly attribute Security::DelegationMode     delegation_mode;

        // Context must be in the SecContextContinued state.
        // Returns Security::SecAssocSuccess or Security::SecAssocContinue,
        // or raises an exception with the reason otherwise.
        // When returning Security::SecAssocSuccess the
        // context is in the SecContextEstablished state.
        // When returning Security::SecAssocContinue the
        // context remains in the SecContextContinued state.
        Security::AssociationStatus continue_security_context(
            in  Security::Opaque in_token,
            out Security::Opaque out_token
        );

        // Should raise an exception with reasons if it fails to protect
        // the message.
        void protect_message(
            in  Security::Opaque message,
            in  Security::QOP    qop,
            out Security::Opaque text_buffer,
            out Security::Opaque out_token
        );

        // Should raise an exception with reasons if it fails to
        // reclaim the message.
        void reclaim_message(
            in  Security::Opaque text_buffer,
            in  Security::Opaque token,
            out Security::QOP    qop,
            out Security::Opaque message
        );

        boolean is_valid(
            out Security::UtcT expiry_time
        );

        // Should raise an exception with reasons if the context cannot be
        // refreshed.
        void refresh();
    };

    interface ClientSecurityContext : SecurityContext {
        // The specific credentials object used for invocation.
        // These credentials may be of the "own" or "received" type.
        readonly attribute SecurityLevel2::Credentials client_credentials;
        readonly attribute Security::SecurityName      target_security_name;
    };

    interface ServerSecurityContext : SecurityContext {
        // Uch! I hate this list!
        // Credentials received from the client side.
        readonly attribute SecurityLevel2::CredentialsList received_credentials;
        // Specific server-side credentials used to establish the context.
        readonly attribute SecurityLevel2::Credentials     accepting_credentials;
    };
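Added example, not part of the issue submission or of the CORBAsec specification: a Python model of the proposed ClientSecurityContext / ServerSecurityContext split. It drives a two-leg exchange through the proposed states (Initialized, Continued, Established, Invalid), keeps received_credentials on the target side only, and protects and reclaims one message once the association is established. The first-leg operation init_security_context(), the known_clients registry, the Credentials dataclass and the HMAC-based message protection are assumptions made for this model; the specification's SECIOP mechanisms are not reproduced.

```python
"""Toy model of the proposed client/target-oriented SecurityContext split (added example)."""
import hashlib
import hmac
from dataclasses import dataclass
from enum import Enum
from typing import Dict, List, Tuple

# State constants as proposed in the issue text.
SecContextInitialized = 100
SecContextContinued = 200
SecContextEstablished = 300
SecContextInvalid = 400


class SecurityContextType(Enum):
    ClientSecurityContext = 1
    ServerSecurityContext = 2


class AssociationStatus(Enum):
    SecAssocSuccess = "SecAssocSuccess"
    SecAssocContinue = "SecAssocContinue"


class SecurityContextError(Exception):
    """Raised where the proposed IDL says 'raises exception with reason'."""


@dataclass(frozen=True)
class Credentials:
    name: str
    secret: bytes = b""  # constructed: a secret shared out of band with the target


class SecurityContext:
    """Behaviour common to both orientations: state, protect, reclaim, is_valid."""

    def __init__(self) -> None:
        self.context_state = SecContextInitialized
        self._key = b""  # set once the association is established

    def _require(self, state: int) -> None:
        if self.context_state != state:
            raise SecurityContextError(f"context not in state {state}")

    def _fail(self, reason: str) -> None:
        # A failed handshake leaves the context unusable.
        self.context_state = SecContextInvalid
        raise SecurityContextError(reason)

    @staticmethod
    def _derive_key(secret: bytes, client: str, target: str) -> bytes:
        # Both sides bind the key to the pair of names they believe they are talking to.
        return hmac.new(secret, f"ctx:{client}->{target}".encode(), hashlib.sha256).digest()

    def is_valid(self) -> bool:
        return self.context_state == SecContextEstablished

    def protect_message(self, message: bytes) -> Tuple[bytes, bytes]:
        """Return (text_buffer, out_token); integrity-only protection via HMAC (toy)."""
        self._require(SecContextEstablished)
        return message, hmac.new(self._key, message, hashlib.sha256).digest()

    def reclaim_message(self, text_buffer: bytes, token: bytes) -> bytes:
        self._require(SecContextEstablished)
        expected = hmac.new(self._key, text_buffer, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, token):
            raise SecurityContextError("integrity check failed")
        return text_buffer


class ClientSecurityContext(SecurityContext):
    context_type = SecurityContextType.ClientSecurityContext

    def __init__(self, client_credentials: Credentials, target_security_name: str) -> None:
        super().__init__()
        self.client_credentials = client_credentials
        self.target_security_name = target_security_name
        # Deliberately no received_credentials: the initiator has not received any.

    def init_security_context(self) -> bytes:
        """First leg (assumed operation name): emit the initial token, move to Continued."""
        self._require(SecContextInitialized)
        self.context_state = SecContextContinued
        return b"INIT:" + self.client_credentials.name.encode()

    def continue_security_context(self, in_token: bytes) -> Tuple[AssociationStatus, bytes]:
        self._require(SecContextContinued)
        if not in_token.startswith(b"ACCEPT:"):
            self._fail("unexpected token from target")
        if in_token[len(b"ACCEPT:"):].decode("ascii", "replace") != self.target_security_name:
            self._fail("target name mismatch")
        self._key = self._derive_key(self.client_credentials.secret,
                                     self.client_credentials.name, self.target_security_name)
        self.context_state = SecContextEstablished
        return AssociationStatus.SecAssocSuccess, b""


class ServerSecurityContext(SecurityContext):
    context_type = SecurityContextType.ServerSecurityContext

    def __init__(self, accepting_credentials: Credentials, known_clients: Dict[str, bytes]) -> None:
        super().__init__()
        self.accepting_credentials = accepting_credentials
        self._known_clients = known_clients          # constructed registry: name -> shared secret
        self.received_credentials: List[Credentials] = []  # meaningful only on the target side
        # Assumption: a target context is created when the first token arrives, so it
        # begins in the Continued state.
        self.context_state = SecContextContinued

    def continue_security_context(self, in_token: bytes) -> Tuple[AssociationStatus, bytes]:
        self._require(SecContextContinued)
        if not in_token.startswith(b"INIT:"):
            self._fail("unexpected token from client")
        client_name = in_token[len(b"INIT:"):].decode("ascii", "replace")
        secret = self._known_clients.get(client_name)
        if secret is None:
            self._fail(f"unknown client {client_name!r}")
        self.received_credentials.append(Credentials(client_name, secret))
        self._key = self._derive_key(secret, client_name, self.accepting_credentials.name)
        self.context_state = SecContextEstablished
        return AssociationStatus.SecAssocSuccess, b"ACCEPT:" + self.accepting_credentials.name.encode()


def establish(client: ClientSecurityContext,
              server: ServerSecurityContext) -> Tuple[AssociationStatus, AssociationStatus]:
    """Drive the two-leg exchange; returns the status each side reported."""
    token = client.init_security_context()
    server_status, reply = server.continue_security_context(token)
    client_status, _ = client.continue_security_context(reply)
    return server_status, client_status
```

Usage: build a ClientSecurityContext for "alice" targeting "orb-target" and a ServerSecurityContext whose known_clients registry contains alice's secret, call establish(), and then protect_message() on the client and reclaim_message() on the server. Only the server object ever carries received_credentials, which is the orientation point the issue raises; a client that the server does not know drives the server context into SecContextInvalid.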