Chapter 2 Securing Component Access
This section describes various security features available to components, including:
Clients can connect to a secure IIOP port using an SSL client certificate. You can issue intercomponent calls to the built-in CtsSecurity/SessionInfo component to retrieve the client certificate data, including:
This component implements CtsSecurity::SessionInfo IDL interface. HTML documentation is available for the interface in the html/ir subdirectory of your EAServer installation. You can view it by loading the main EAServer HTML page, then clicking the "Interface Repository" link.
The CtsSecurity::UserCredentials interface is deprecated The CtsSecurity::UserCredentials interface, which is implemented by the CtsSecurity/UserCredentials component, has been replaced by the CtsSecurity::SessionInfo interface, which provides additional functionality such as certificate parsing. EAServer supports the CtsSecurity::UserCredentials interface for backward compatibility. Use the CtsSecurity::SessionInfo interface if you are developing new components.
For non-EJB CORBA components, the following mechanisms are used for authentication within a server and for standalone clients:
Module::Interface_var compInstance = Module::Interface::narrow( "iiop[s]://user:password:host:port/EAServerPackage/EAServerComponent");
C++ components (and PowerBuilder NVOs) can make intercomponent calls across different servers using SSL in much the same way as any other C++ client. However, be aware of these considerations:
com.sybase.jaguar.component.qop=sybpks_intl
See the EAServer Programmer's Guide for information about developing C++ components and clients
Your EAServer installation includes a sample C++ component that demonstrates how to call the CtsSecurity/UserCredentials component methods. See the following file in your EAServer installation for more information:
sample/SecurityDemo/readme.txt
Copyright © 2002 Sybase, Inc. All rights reserved. |