This represents an interface for retrieving information about a client session.
Returns current authentication status of the session. If the authentication status value is zero, then no authentication was performed before calling the user defined authentication service. This would be the case where the authentication scheme is implemented entirely in the user's authentication service component (using interface CtsSecurity::AuthService). If the status value is non-zero, it could be a combination of any of the following bit flags.
Bit Set | Bit Mask | Meaning |
---|---|---|
0 | AUTH_SSL_SESSION | This session uses SSL but client is not SSL authenticated. |
1 | AUTH_SSL_AUTHENTICATED | This session uses SSL and client is SSL authenticated. User credential information can be obtained by instantiating CtsSecurity/UserCredentials component. |
2 | AUTH_OS_AUTHENTICATED | This session is authenticated using host OS (or OS domain) username and password. |
3 | AUTH_JAGADMIN_AUTHENTICATED | This session is authenticated using username jagadmin and password. |
4 | AUTH_FAILED_AUTHENTICATION | Authentication failed. |
5 | AUTH_TIMEDOUT | Authentication timed out. This session has been authenticated previously. |
long getAuthenticationStatus ( );
This method delegates to the
getCallerPrincipal
method
in the authentication service (if installed).
string getCallerPrincipal ( );
If there is no authentication service installed in the
server, this method will throw a CORBA::NO_IMPLEMENT
exception.
If the authentication service does not implement the
CallerPrincipal interface, this method will throw a
CORBA::BAD_OPERATION
exception.
Returns an array of roles that the caller belongs to.
CtsSecurity::StringSeq getCallerRoles ( );
Returns peer host name.
string getHostName ( );
Returns the name of the server listener that received this client connection.
string getListener ( );
Returns the client user name.
string getName ( );
Returns client user password.
string getPassword ( );
Retrieves peer IP address.
string getPeerAddress ( );
Returns the current session ID.
string getSessionID ( );
Returns SSLSessionInfo object. If SSL is not used with the associated object reference, it raises an SSLNotEnabledError exception.
CtsSecurity::SSLSessionInfo getSSLSessionInfo ( ) raises (CtsSecurity::SSLNotEnabledError);
Returns true if the caller is authorized for the given roles.
boolean isCallerInRole ( in string role );
Given an array of roles check if the caller is in them. If 'checkAll' is 'true' then the caller must be in all roles, otherwise only needs to be in one of them.
boolean isCallerInRoles ( in CtsSecurity::StringSeq roles, in boolean checkAll );
Provides a mechanism by which a custom authentication
service component can modify the username associated
with an authenticated session
object.
void setName ( in string alternate_name );
A custom authentication service implements the
CtsSecurity/AuthService
interface.
For example, a CORBA client
obtains an authenticated session
by calling
Manager::createSession(user,password)
.
An EJB client obtains an implicit authenticated session
by creating an InitialContext.
In the authentication component, a call to setName
with the alternate_name, will force the authenticated
session
object to inherit the alternate_name.
This method can only be invoked when the authentication service is executing. If invoked at other times, the method will throw a CORBA::NO_PERMISSION exception.