diff options
Diffstat (limited to 'TAO/orbsvcs/examples/Security/SecurityLevel1/README')
-rw-r--r-- | TAO/orbsvcs/examples/Security/SecurityLevel1/README | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/TAO/orbsvcs/examples/Security/SecurityLevel1/README b/TAO/orbsvcs/examples/Security/SecurityLevel1/README new file mode 100644 index 00000000000..a29c58d2ee7 --- /dev/null +++ b/TAO/orbsvcs/examples/Security/SecurityLevel1/README @@ -0,0 +1,47 @@ +$Id$ + +* README * + + + In this example, the server will have some (or may be just +one, if that will serve the purpose .. anyways since these will be +just simple dummy methods, it shouldnt matter) methods with different +levels of authorization. When a client wants to invoke any of these +methods, it has to be authenticated first(I am not sure, as of now, +the way for authenticating or the fact if this is really needed +.. well for starters, I will leave authentication). Then based on the +principals privilege attributes, the invocation will be +successful or denied. + +This test makes use of the Current::get_attributes to get the +attributes of the prinicipal which are used to provide or deny +access. + +We will check the values for all the possible attribute types that a +server could check in the remote case. And, as in the example, run +clients with both valid and invalid credentials. + +Also, we also need to make sure that the server is actually +returning the correct credentials and not garbling or giving some +random values. + +This will prove that + +1. Authorization is working. +2. All the attribute types which are supposed to work are working + properly. +3. Authentication is already working but we could also check that once + again. But, authentication is not limited to the ORB. It could be + checked using an outside agent too. + + + Since, the only thing that the SecurityLevel1 does is to get the +credentials of the initiating principal, to test the implementation, +in my view, + +1. We need to see if the method is returning the correct credentials. +2. If all the attribute types are working... ie.. show what are the + different types of attributes and what can be valid values for them + etc. +3. We need to show how one can make use of these values to provide or + deny access to the initiating principal. |