Table of Contents Previous Next PDF


The Security Sample Application
The Security Sample Application
This topic includes the following sections:
How the Security Sample Application Works
The Development Process for the Security Sample Application
Building the Security Sample Application
Compiling the Security Sample Application
Running the Security Sample Application
Using the Client Applications in the Security Sample Application
Notes:
The Oracle Tuxedo CORBA Java client and Oracle Tuxedo CORBA Java client ORB were deprecated in Tuxedo 8.1 and are no longer supported. All Oracle Tuxedo CORBA Java client and Oracle Tuxedo CORBA Java client ORB text references, associated code samples, should only be used to help implement/run third party Java ORB libraries, and for programmer reference only.
Technical support for third party CORBA Java ORBs should be provided by their respective vendors. Oracle Tuxedo does not provide any technical support or documentation for third party CORBA Java ORBs.
For a full discussion of implementing security in a CORBA application, see Using Security in CORBA Applications.
How the Security Sample Application Works
The Security sample application enhances the Basic sample application by adding application-level security to the CORBA application. Application-level security requires each student to have an ID and a password. Therefore, the concept of a Student is added to the Security sample application.
The following functionality is added to the Basic sample application:
The client applications add a logon operation. This operation uses a SecurityCurrent environmental object to invoke operations on the PrincipalAuthenticator object, which is part of the process of logging on to access the domain.
The University server application implements an additional operation, get_student_details(), on the Registrar object to return information about a student. After a proper CORBA logon is complete, the get_student_details() operation accesses the student information in the database to obtain the student information needed by the client logon operation.
The University database contains student information in addition to course information.
Figure 4‑1 illustrates how the Security sample application works.
Figure 4‑1 The Security Sample Application
 
 
 
The Development Process for the Security Sample Application
This section describes the development process required when adding security to CORBA client and server applications. These steps are in addition to the development steps outlined in Chapter 3, “The Basic Sample Application.”
Note:
The steps in this section have been done for you and are included in the Security sample application.
OMG IDL
During the development process, you would define the StudentDetails struct and the get_student_details()operation in Object Management Group (OMG) Interface Definition Language (IDL).
The Client Application
During the development process, you would add the following code to your client application:
The Bootstrap environmental object to obtain a reference to the SecurityCurrent environmental object in the specified Oracle Tuxedo domain.
The Tobj::PrincipalAuthenticator operation of the SecurityCurrent environmental object to return the type of authentication expected by the Oracle Tuxedo domain.
Operations to log on to the Oracle Tuxedo domain using the required security information.
For the Security sample application, this code has already been added for you. For information about adding security to CORBA client applications, see Using Security in CORBA Applications.
The Server Application
During the development process, you would write the method implementation for the get_student_details()operation. For information about writing method implementations, see Creating CORBA Server Applications.
The UBBCONFIG File
In the Oracle Tuxedo software, security levels are defined for the configuration by the system administrator. The system administrator defines the security for the Oracle Tuxedo domain by setting the SECURITY parameter RESOURSES section of the UBBCONFIG file to the desired security level. In the Security sample application, the SECURITY parameter is set to APP_PW for application-level security. For information about adding security to an Oracle Tuxedo domain, see Setting Up an Oracle Tuxedo Application and Using Security in CORBA Applications.
The ICF File
No changes to the Implementation Configuration File (ICF) are required.
Building the Security Sample Application
To build the Security sample application, complete the following steps:
1.
Copy the files for the Security sample application.
2.
Change the protection on the files for the Security sample application.
3.
Set the environment variables.
4.
Initialize the University database.
5.
Load the UBBCONFIG file.
6.
Build the client and server sample applications.
The following sections describe these steps.
Note:
Before you can build or run the Security sample application, you need to perform the steps in Chapter 2, “Setting Up Your Environment.”
Copying the Files for the Security Sample Application into a Work Directory
The files for the Security sample application are located in the following directories:
Windows
drive:\TUXDIR\samples\corba\university\security
UNIX
/usr/TUXDIR/samples/corba/university/security
In addition, you need to copy the utils directory into your work directory. The utils directory contains files that set up logging, tracing, and access to the University database.
You will use the files listed in Table 4‑1 to create the Security sample application.
 
Table 4‑1 Files Included in the Security Sample Application 
File
Description
univs.idl
The OMG IDL that declares the CourseSynopsisEnumerator, Registrar, and RegistrarFactory interfaces.
univss.cpp
The C++ source code for the University server application in the Security sample application.
univs_i.h
univs_i.cpp
The C++ source code for method implementations of the CourseSynopsisEnumerator, Registrar, and RegistrarFactory interfaces.
univsc.cpp
The C++ source code for the CORBA C++ client application in the Security sample application.
univs_utils.h
univs_utils.cpp
The files that define database access functions for the CORBA C++ client application.
univs.icf
The Implementation Configuration File (ICF) for the Security sample application.
setenvs.sh
A UNIX script that sets the environment variables needed to build and run the Security sample application.
setenvs.cmd
An MS-DOS command procedure that sets the environment variables needed to build and run the Security sample application.
ubb_s.mk
The UBBCONFIG file for the UNIX operating system.
ubb_s.nt
The UBBCONFIG file for the Windows operating system.
makefiles.mk
The makefile for the Security sample application on the UNIX operating system.
makefiles.nt
The makefile for the Security sample application on the Windows operating system.
log.cpp, log.h, log_client.cpp, and log_server.cpp
The client and server applications that provide logging and tracing functions for the sample applications. These files are located in the \utils directory.
oradbconn.cpp and oranoconn.cpp
The files that provide access to an Oracle SQL database instance. These files are located in the \utils directory.
samplesdb.cpp and samplesdb.h
The files that provide print functions for the database exceptions in the sample applications.These files are located in the \utils directory.
unique_id.cpp and unique_id.h
C++ Unique ID class routines for the sample applications.These files are located in the \utils directory.
samplesdbsql.h and samplesdbsql.pc
C++ class methods that implement access to the SQL database. These files are located in the \utils directory.
university.sql
The SQL for the University database. This file is located in the \utils directory.
Changing the Protection on the Files for the Security Sample Application
During the installation of the Oracle Tuxedo software, the sample application files are marked read-only. Before you can edit the files or build the files in the Security sample application, you need to change the protection of the files you copied into your work directory, as follows:
Windows
prompt>attrib -r drive:\workdirectory\*.*
UNIX
prompt>chmod u+rw /workdirectory/*.*
Setting the Environment Variables
Use the following command to set the environment variables used to build the client and server applications in the Security sample applications:
Windows
prompt>setenvs
UNIX
prompt>/bin/ksh
prompt>. ./setenvs.sh
Initializing the University Database
Use the following command to initialize the University database used with the Security sample application:
Windows
prompt>nmake -f makefiles.nt initdb
UNIX
prompt>make -f makefiles.mk initdb
Loading the UBBCONFIG File
Use the following command to load the UBBCONFIG file:
Windows
prompt>tmloadcf -y ubb_s.nt
UNIX
prompt>tmloadcf -y ubb_s.mk
The build process for the UBBCONFIG file prompts you for an application password. This password will be used to log on to the client applications. Enter the password and press Enter. You are then prompted to verify the password by entering it again.
Compiling the Security Sample Application
During the development process, you would use the buildobjclient and buildobjserver commands to build the client and server applications. However, for the Security sample application, this step has been done for you.
The directory for the Security sample application contains a makefile that builds the client and server sample applications.
Use the following commands to build the CORBA C++ client and server applications in the Security sample application:
Windows
prompt>nmake -f makefiles.nt
UNIX
prompt>make -f makefiles.mk
Running the Security Sample Application
To run the Security sample application, complete the following steps:
1.
Start the University server application.
2.
Start one or more of the client applications.
These steps are explained in the following sections.
Starting the University Server Application
Start the system and sample application server applications in the Security sample application by entering the following command:
prompt>tmboot -y
This command starts the following server processes:
TMSYSEVT
The Oracle Tuxedo system EventBroker.
TMFFNAME
The transaction management services, including the NameManager and the FactoryFinder services.
TMIFSRVR
The Interface Repository server process.
univs_server
The University server process.
ISL
The IIOP Listener/Handler process.
Before using another sample application, enter the following command to stop the system and sample application server processes:
prompt>tmshutdown
Starting the CORBA C++ Client Application
Start the CORBA C++ client application in the Security sample application by completing the following steps:
1.
At the MS-DOS prompt, enter the following command:
prompt>univs_client
2.
At the Enter student id: prompt, enter any number between 100001 and 100010.
3.
Press Enter.
4.
At the Enter domain password: prompt, enter the password you defined when you loaded the UBBCONFIG file.
5.
Press Enter.
Using the Client Applications in the Security Sample Application
The following sections briefly explain how to use the client applications in the Security sample application.
The CORBA C++ Client Application
The CORBA C++ client application in the Security sample application has the following additional option:
<L> List your registered courses
This option displays the list of courses registered under the student ID that was used to log on to the CORBA C++ client application.

Copyright © 1994, 2017, Oracle and/or its affiliates. All rights reserved.