diff options
author | William R. Otte <wotte@dre.vanderbilt.edu> | 2006-07-24 15:50:11 +0000 |
---|---|---|
committer | William R. Otte <wotte@dre.vanderbilt.edu> | 2006-07-24 15:50:11 +0000 |
commit | 6b846cf03c0bcbd8c276cb0af61a181e5f98eaae (patch) | |
tree | da50d054f9c761c3f6a5923f6979e93306c56d68 /TAO/orbsvcs/orbsvcs/Security.idl | |
parent | 0e555b9150d38e3b3473ba325b56db2642e6352b (diff) | |
download | ATCD-6b846cf03c0bcbd8c276cb0af61a181e5f98eaae.tar.gz |
Repo restructuring
Diffstat (limited to 'TAO/orbsvcs/orbsvcs/Security.idl')
-rw-r--r-- | TAO/orbsvcs/orbsvcs/Security.idl | 358 |
1 files changed, 0 insertions, 358 deletions
diff --git a/TAO/orbsvcs/orbsvcs/Security.idl b/TAO/orbsvcs/orbsvcs/Security.idl deleted file mode 100644 index 836462ec784..00000000000 --- a/TAO/orbsvcs/orbsvcs/Security.idl +++ /dev/null @@ -1,358 +0,0 @@ -// -*- IDL -*- -// -// $Id$ - - -#ifndef _SECURITY_IDL_ -#define _SECURITY_IDL_ - -#include "tao/TimeBase.pidl" -#include <orb.idl> - -#pragma prefix "omg.org" - -module Security { - -#pragma version Security 1.8 - - typedef string SecurityName; - typedef sequence<octet> Opaque; - - // Constant declarations for Security Service Options - const CORBA::ServiceOption SecurityLevel1 = 1; - const CORBA::ServiceOption SecurityLevel2 = 2; - const CORBA::ServiceOption NonRepudiation = 3; - const CORBA::ServiceOption SecurityORBServiceReady = 4; - const CORBA::ServiceOption SecurityServiceReady = 5; - const CORBA::ServiceOption ReplaceORBServices = 6; - const CORBA::ServiceOption ReplaceSecurityServices = 7; - const CORBA::ServiceOption StandardSecureInteroperability = 8; - const CORBA::ServiceOption DCESecureInteroperability = 9; - - // Service options for Common Secure Interoperability - const CORBA::ServiceOption CommonInteroperabilityLevel0 = 10; - const CORBA::ServiceOption CommonInteroperabilityLevel1 = 11; - const CORBA::ServiceOption CommonInteroperabilityLevel2 = 12; - - // Security mech types supported for secure association - const CORBA::ServiceDetailType SecurityMechanismType = 1; - - // privilege types supported in standard access policy - const CORBA::ServiceDetailType SecurityAttribute = 2; - - // extensible families for standard data types - struct ExtensibleFamily { - unsigned short family_definer; - unsigned short family; - }; - - typedef sequence<octet> OID; - - typedef sequence<OID> OIDList; - - // security attributes - typedef unsigned long SecurityAttributeType; - - // other attributes; family = 0 - - const SecurityAttributeType AuditId = 1; - const SecurityAttributeType AccountingId = 2; - const SecurityAttributeType NonRepudiationId = 3; - - // privilege attributes; family = 1 - - const SecurityAttributeType _Public = 1; - const SecurityAttributeType AccessId = 2; - const SecurityAttributeType PrimaryGroupId = 3; - const SecurityAttributeType GroupId = 4; - const SecurityAttributeType Role = 5; - const SecurityAttributeType AttributeSet = 6; - const SecurityAttributeType Clearance = 7; - const SecurityAttributeType Capability = 8; - - struct AttributeType { - ExtensibleFamily attribute_family; - SecurityAttributeType attribute_type; - }; - - typedef sequence<AttributeType> AttributeTypeList; - - struct SecAttribute { - AttributeType attribute_type; - OID defining_authority; - Opaque value; - // the value of this attribute can be - // decoded only with knowledge of defining authority - }; - - typedef sequence <SecAttribute> AttributeList; - - // Authentication return status - enum AuthenticationStatus { - SecAuthSuccess, - SecAuthFailure, - SecAuthContinue, - SecAuthExpired - }; - - // Association return status - enum AssociationStatus { - SecAssocSuccess, - SecAssocFailure, - SecAssocContinue - }; - - // Authentication method - typedef unsigned long AuthenticationMethod; - - typedef sequence<AuthenticationMethod> AuthenticationMethodList; - - // Credential types - - enum InvocationCredentialsType { - SecOwnCredentials, - SecReceivedCredentials, - SecTargetCredentials - }; - - // Declarations related to Rights - - struct Right { - ExtensibleFamily rights_family; - string the_right; - }; - - typedef sequence <Right> RightsList; - - enum RightsCombinator { - SecAllRights, - SecAnyRight - }; - - // Delegation related - - enum DelegationState { - SecInitiator, - SecDelegate - }; - - enum DelegationDirective { - Delegate, - NoDelegate - }; - - // pick up from TimeBase - - typedef TimeBase::UtcT UtcT; - typedef TimeBase::IntervalT IntervalT; - typedef TimeBase::TimeT TimeT; - - // Security features available on credentials. - - enum SecurityFeature { - SecNoDelegation, - SecSimpleDelegation, - SecCompositeDelegation, - SecNoProtection, - SecIntegrity, - SecConfidentiality, - SecIntegrityAndConfidentiality, - SecDetectReplay, - SecDetectMisordering, - SecEstablishTrustInTarget, - SecEstablishTrustInClient - }; - - // Quality of protection which can be specified - // for an object reference and used to protect messages - enum QOP { - SecQOPNoProtection, - SecQOPIntegrity, - SecQOPConfidentiality, - SecQOPIntegrityAndConfidentiality - }; - - // Type of SecurityContext - enum SecurityContextType { - SecClientSecurityContext, - SecServerSecurityContext - }; - - // Operational State of a Security Context - enum SecurityContextState { - SecContextInitialized, - SecContextContinued, - SecContextClientEstablished, - SecContextEstablished, - SecContextEstablishExpired, - SecContextExpired, - SecContextInvalid - }; - - struct ChannelBindings { - unsigned long initiator_addrtype; - CORBA::OctetSeq initiator_address; - unsigned long acceptor_addrtype; - CORBA::OctetSeq acceptor_address; - CORBA::OctetSeq application_data; - }; - - // For use with SecurityReplaceable - struct OpaqueBuffer { - Opaque buffer; - unsigned long startpos; - unsigned long endpos; - // startpos <= endpos - // OpaqueBuffer is said to be empty if startpos == endpos - }; - - // Association options which can be administered - // on secure invocation policy and used to - // initialize security context - typedef unsigned short AssociationOptions; - - const AssociationOptions NoProtection = 1; - const AssociationOptions Integrity = 2; - const AssociationOptions Confidentiality = 4; - const AssociationOptions DetectReplay = 8; - const AssociationOptions DetectMisordering = 16; - const AssociationOptions EstablishTrustInTarget = 32; - const AssociationOptions EstablishTrustInClient = 64; - const AssociationOptions NoDelegation = 128; - const AssociationOptions SimpleDelegation = 256; - const AssociationOptions CompositeDelegation = 512; - - // Flag to indicate whether association options being - // administered are the "required" or "supported" set - enum RequiresSupports { - SecRequires, - SecSupports - }; - - // Direction of communication for which - // secure invocation policy applies - enum CommunicationDirection { - SecDirectionBoth, - SecDirectionRequest, - SecDirectionReply - }; - - // security association mechanism type - typedef string MechanismType; - typedef sequence<MechanismType> MechanismTypeList; - - // AssociationOptions-Direction pair - struct OptionsDirectionPair { - AssociationOptions options; - CommunicationDirection direction; - }; - - typedef sequence <OptionsDirectionPair> OptionsDirectionPairList; - - // Delegation mode which can be administered - enum DelegationMode { - SecDelModeNoDelegation, // i.e. use own credentials - SecDelModeSimpleDelegation, // delegate received credentials - SecDelModeCompositeDelegation // delegate both - }; - - // Association options supported by a given mech type - struct MechandOptions { - MechanismType mechanism_type; - AssociationOptions options_supported; - }; - - typedef sequence <MechandOptions> MechandOptionsList; - - // Attribute of the SecurityLevel2::EstablishTrustPolicy - struct EstablishTrust { - boolean trust_in_client; - boolean trust_in_target; - }; - - // Audit - typedef unsigned long AuditChannelId; - typedef unsigned short _EventType; - - const _EventType AuditAll = 0; - const _EventType AuditPrincipalAuth = 1; - const _EventType AuditSessionAuth = 2; - const _EventType AuditAuthorization = 3; - const _EventType AuditInvocation = 4; - const _EventType AuditSecEnvChange = 5; - const _EventType AuditPolicyChange = 6; - const _EventType AuditObjectCreation = 7; - const _EventType AuditObjectDestruction = 8; - const _EventType AuditNonRepudiation = 9; - - enum DayOfTheWeek { - Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday - }; - - enum AuditCombinator { - SecAllSelectors, - SecAnySelector - }; - - struct AuditEventType { - ExtensibleFamily event_family; - _EventType event_type; - }; - - typedef sequence <AuditEventType> AuditEventTypeList; - - typedef unsigned long SelectorType; - - const SelectorType InterfaceName = 1; - const SelectorType ObjectRef = 2; - const SelectorType Operation = 3; - const SelectorType Initiator = 4; - const SelectorType SuccessFailure = 5; - const SelectorType Time = 6; - const SelectorType DayOfWeek = 7; - - // values defined for audit_needed and audit_write are: - // InterfaceName: CORBA::RepositoryId - // ObjectRef: object reference - // Operation: op_name - // Initiator: Credentials - // SuccessFailure: boolean - // Time: utc time on audit_write; time picked up from - // environment in audit_needed if required - // DayOfWeek: DayOfTheWeek - - struct SelectorValue { - SelectorType selector; - any value; - }; - - typedef sequence <SelectorValue> SelectorValueList; - - // Constant declaration for valid Security Policy Types - - // General administrative policies - const CORBA::PolicyType SecClientInvocationAccess = 1; - const CORBA::PolicyType SecTargetInvocationAccess = 2; - const CORBA::PolicyType SecApplicationAccess = 3; - const CORBA::PolicyType SecClientInvocationAudit = 4; - const CORBA::PolicyType SecTargetInvocationAudit = 5; - const CORBA::PolicyType SecApplicationAudit = 6; - const CORBA::PolicyType SecDelegation = 7; - const CORBA::PolicyType SecClientSecureInvocation = 8; - const CORBA::PolicyType SecTargetSecureInvocation = 9; - const CORBA::PolicyType SecNonRepudiation = 10; - - - // Policies used to control attributes of a binding to a target - const CORBA::PolicyType SecMechanismsPolicy = 12; - const CORBA::PolicyType SecInvocationCredentialsPolicy = 13; - const CORBA::PolicyType SecFeaturePolicy = 14; // obsolete - const CORBA::PolicyType SecQOPPolicy = 15; - - const CORBA::PolicyType SecDelegationDirectivePolicy = 38; - const CORBA::PolicyType SecEstablishTrustPolicy = 39; -}; - -#pragma prefix "" - -#endif /* _SECURITY_IDL_ */ |