|
Home > Archive > Client-Server > May 2005 > Q: Security management in Client/Server environments (especially CORBA)
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Q: Security management in Client/Server environments (especially CORBA)
|
|
| Generic Usenet Account 2005-05-16, 5:46 pm |
| Security Management plays a vital part in any distributed environment.
Services are provided only after the client has been properly
authenticated. After successful authentication, subsequent service
requests contain a certain "handle" that enable the server to trace the
request back to an already authenticated user. The handle can take
many forms ---- for example IP address and port number in the case of
Telnet and FTP.
I have two questions:
(1) Is there a standardized way for a CORBA server to trace a request
from a client application to a previously authenticated user? Or does
it depend on a particular orb implementation?
(2) What are the commonly accepted ways of authorizing requests in a
distributed client/server setup?
If this posting is off-topic, my apologies
Thanks,
Steve
| |
| Ke Jin 2005-05-17, 5:46 pm |
| Generic Usenet Account wrote:
> Security Management plays a vital part in any distributed
environment.
> Services are provided only after the client has been properly
> authenticated. After successful authentication, subsequent service
> requests contain a certain "handle" that enable the server to trace
the
> request back to an already authenticated user. The handle can take
> many forms ---- for example IP address and port number in the case of
> Telnet and FTP.
>
> I have two questions:
> (1) Is there a standardized way for a CORBA server to trace a
request
> from a client application to a previously authenticated user? Or
does
> it depend on a particular orb implementation?
>
See OMG CSIv2 (chapter 24 of CORBA 3).
> (2) What are the commonly accepted ways of authorizing requests in a
> distributed client/server setup?
See OMG Authorization Token Layer Acquisition Service (ATLAS)
specification.
Ke
| |
| Roland 2005-05-19, 7:45 am |
| I have the same question actually. Is the Security Attribute Service
available in any of the ORB implementations. I'm using omniORB & C++.
I'd really appreciate it if somebody could point me to a C++ example of
how CORBA handles the authentication and subsequent client/server
interaction.
Thanks,
roland
| |
| Ke Jin 2005-05-19, 5:46 pm |
|
Roland wrote:
> I have the same question actually. Is the Security Attribute Service
> available in any of the ORB implementations. I'm using omniORB & C++.
> I'd really appreciate it if somebody could point me to a C++ example
of
> how CORBA handles the authentication and subsequent client/server
> interaction.
Borland security service (VisiSecure) is CSIv2 compliant, and
therefore, supports SAS. See its document
(http://info.borland.com/techpubs/be...curityGuide.pdf) and
examples, shipped with the product.
Regards,
Ke
>
> Thanks,
>
> roland
|
|
|
|
|