Issue 2927: Parameters of locality constrained interfaces were using "sequence octet" (sec-rev) Source: Syracuse University (Dr. Polar Humenn, polar(at)adiron.com) Nature: Uncategorized Issue Severity: Summary: Certain parameters of locality constrained interfaces were using "sequence octet" due to the inherent fear of CORBA any's. This should not be a problem. Also it is a serious bug as this might requires unnecessary marshalling of data to pass into the operations of locality constrained objects. The interfaces, their operations and parameters that are affected follow: PrincipalAuthenticator authenticate auth_data,continuation_data,auth_specific_data continue_authentication response_data,continuation_data,auth_specific_data AuditDecision audit_write event_specific_data Vault acquire_credentials auth_data,continuation_data,auth_specific_data continue_acquisition response_data,continuation_data,auth_specific_data These parameters should have the type "any". Resolution: Revised Text: Action: Close issue 2927 Opaques used where any’s should be used for locality constrained interfaces. ++Change the interface of the authenticate method after paragraph 479 and its corresponding interface definition in Appendix A.4. AuthenticationStatus authenticate( in AuthenticationMethod method, in MechanismType mechanism, in SecurityName security_name, in any auth_data, in AttributeList privileges, out Credentials creds, out any continuation_data, out any auth_specific_data ); ++ Change the interface of the continue_authentication method after paragraph 481 and its corresponding interface definition in Appendix A.4. AuthenticationStatus continue_authentication( in any response_data in Credentials creds, out any continuation_data, out any auth_specific_data ); ++ Change the interface of the audit_write operation after paragraph 615 and its corresponding interface definitions in Appendix A.4. void audit_write( in AuditEventType event_type, in CredentialsList creds, in UtcT time, in SelectorValueList descriptors, in any event_specific_data ); ++ Change the interface of the acquire_credentials method after paragraph 843 and its corresponding interface definition in Appendix A.7. AuthenticationStatus acquire_credentials( in AuthenticationMethod method, in MechanismType mechanism, in SecurityName security_name, in any auth_data, in AttributeList privileges, out Credentials creds, out any continuation_data, out any auth_specific_data ); ++ Change the interface of the continue_acquisition method after paragraph 845 and its corresponding interface definition in Appendix A.7. AuthenticationStatus continue_acquisition( in any response_data in Credentials creds, out any continuation_data, out any auth_specific_data ); Actions taken: October 4, 1999: received issue March 10, 2000: closed issue Discussion: "sequence<octet>" End of Annotations:===== X-Authentication-Warning: marcy.adiron.com: polar owned process doing -bs Date: Mon, 4 Oct 1999 16:26:20 -0400 (EDT) From: Polar Humenn To: issues@omg.org Subject: Security Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-UIDL: ,/De9A1n!!?Dmd94N!"! Certain parameters of locality constrained interfaces were using "sequence" due to the inherent fear of CORBA any's. This should not be a problem. Also it is a serious bug as this might requires unnecessary marshalling of data to pass into the operations of locality constrained objects. The interfaces, their operations and parameters that are affected follow: PrincipalAuthenticator authenticate auth_data,continuation_data,auth_specific_data continue_authentication response_data,continuation_data,auth_specific_data AuditDecision audit_write event_specific_data Vault acquire_credentials auth_data,continuation_data,auth_specific_data continue_acquisition response_data,continuation_data,auth_specific_data These parameters should have the type "any". ------------------------------------------------------------------- Polar Humenn Adiron, LLC Principal 2-212 Center for Science & Technology mailto:polar@adiron.com CASE Center/Syracuse University Phone: 315-443-3171 Syracuse, NY 13244-4100 Fax: 315-443-4745 http://www.adiron.com