Diffstat (limited to 'TAO/orbsvcs/examples/Security/SecurityLevel1/README')
-rw-r--r-- TAO/orbsvcs/examples/Security/SecurityLevel1/README 47
1 files changed, 47 insertions, 0 deletions
diff --git a/TAO/orbsvcs/examples/Security/SecurityLevel1/README b/TAO/orbsvcs/examples/Security/SecurityLevel1/README
new file mode 100644
index 00000000000..a29c58d2ee7
--- /dev/null
+++ b/TAO/orbsvcs/examples/Security/SecurityLevel1/README
@@ -0,0 +1,47 @@
+$Id$
+
+* README *
+
+
+ In this example, the server will have some (or may be just
+one, if that will serve the purpose .. anyways since these will be
+just simple dummy methods, it shouldnt matter) methods with different
+levels of authorization. When a client wants to invoke any of these
+methods, it has to be authenticated first(I am not sure, as of now,
+the way for authenticating or the fact if this is really needed
+.. well for starters, I will leave authentication). Then based on the
+principals privilege attributes, the invocation will be
+successful or denied.
+
+This test makes use of the Current::get_attributes to get the
+attributes of the prinicipal which are used to provide or deny
+access.
+
+We will check the values for all the possible attribute types that a
+server could check in the remote case. And, as in the example, run
+clients with both valid and invalid credentials.
+
+Also, we also need to make sure that the server is actually
+returning the correct credentials and not garbling or giving some
+random values.
+
+This will prove that
+
+1. Authorization is working.
+2. All the attribute types which are supposed to work are working
+ properly.
+3. Authentication is already working but we could also check that once
+ again. But, authentication is not limited to the ORB. It could be
+ checked using an outside agent too.
+
+
+ Since, the only thing that the SecurityLevel1 does is to get the
+credentials of the initiating principal, to test the implementation,
+in my view,
+
+1. We need to see if the method is returning the correct credentials.
+2. If all the attribute types are working... ie.. show what are the
+ different types of attributes and what can be valid values for them
+ etc.
+3. We need to show how one can make use of these values to provide or
+ deny access to the initiating principal.
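Review bot: The first paragraph says authentication is left out for now ("for starters, I will leave authentication"), yet item 3 of the "This will prove that" list says "Authentication is already working". These two statements contradict each other. Because the example grants or denies an invocation based on the principal's privilege attributes obtained through Current::get_attributes, the README should state plainly whether the test assumes the principal has already been authenticated, and by what (the ORB or an outside agent, as item 3 hints). The text also reads as planning notes rather than a description of the example: it does not name the attribute types that are checked, and it does not say how to run the clients with valid and invalid credentials or what result to expect from each. Minor wording: "prinicipal" in the second paragraph, "shouldnt", "may be" for "maybe", and "Also, we also".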