The Oracle Tuxedo system provides security at incremental levels, including operating system security, application password, user authentication, optional access control lists, mandatory access control lists, and link-level encryption. Refer to Setting Up an Oracle Tuxedo Application for information on setting security levels.

The application password security level requires every client to provide an application password when it joins the application. The administrator can set or change the application password and must provide it to valid users.

If this level of security is used, Oracle Tuxedo system-supplied client programs, such as ud(), prompt for the application password. (Refer to Administering an Oracle Tuxedo Application at Run Time for more information on ud, wud (1).) In turn, application-specific client programs must include code for obtaining the password from a user. The unencrypted password is placed in the TPINIT buffer and evaluated when the client calls tpinit() to join the application.

You can use the tpchkauth(3c) function to determine:

• Whether the application requires any authentication
• If the application requires authentication, which of the following types of authentication is needed:
  • System authentication based on an application password
  • Application authentication based on an application password and user-specific information

Typically, a client should call the tpchkauth() function before tpinit() to identify any additional security information that must be provided during initialization.

Refer to Using Security in CORBA Applications for more information on security programming techniques.