geronimo-scm mailing list archives

From a..@apache.org
Subject svn commit: r373216 [3/4] - /geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/
Date Sat, 28 Jan 2006 19:04:21 GMT
Modified: geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/NRService.idl
URL: http://svn.apache.org/viewcvs/geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/NRService.idl?rev=373216&r1=373215&r2=373216&view=diff
==============================================================================
--- geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/NRService.idl (original)
+++ geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/NRService.idl Sat Jan 28 11:04:11 2006
@@ -1,162 +0,0 @@
-#ifndef _NR_SERVICE_IDL
-#define _NR_SERVICE_IDL
-
-#pragma prefix "omg.org"
-
-#include <SecurityLevel2.idl>
-
-module NRService  {
-
-    typedef Security::MechanismType 	NRMech;
-    typedef Security::ExtensibleFamily	NRPolicyId;
-
-    enum EvidenceType {     	
-        SecProofofCreation,
-        SecProofofReceipt,
-        SecProofofApproval,
-        SecProofofRetrieval,
-        SecProofofOrigin,
-        SecProofofDelivery,
-        SecNoEvidence     // used when request-only token desired
-    };
-
-    enum NRVerificationResult {
-        SecNRInvalid,
-        SecNRValid,
-        SecNRConditionallyValid 
-    };
-
-    // the following are used for evidence validity duration
-    typedef unsigned long   DurationInMinutes;
-
-    const DurationInMinutes DurationHour   = 60;
-    const DurationInMinutes DurationDay    = 1440;
-    const DurationInMinutes DurationWeek   = 10080; 
-    const DurationInMinutes DurationMonth = 43200;// 30 days;
-    const DurationInMinutes DurationYear   = 525600;//365 days;
-
-    typedef long TimeOffsetInMinutes; 
-
-    struct NRPolicyFeatures {
-         NRPolicyId         policy_id; 
-         unsigned long      policy_version;
-         NRMech             mechanism;
-    };
-
-    typedef sequence <NRPolicyFeatures> NRPolicyFeaturesList;
-
-    // features used when generating requests
-    struct RequestFeatures {
-        NRPolicyFeatures    requested_policy;
-        EvidenceType        requested_evidence;
-        string              requested_evidence_generators;
-        string              requested_evidence_recipients;
-        boolean             include_this_token_in_evidence;
-    };
-
-    struct EvidenceDescriptor {
-        EvidenceType        evidence_type;
-        DurationInMinutes   evidence_validity_duration;
-        boolean             must_use_trusted_time;
-    };
-
-    typedef sequence <EvidenceDescriptor> EvidenceDescriptorList;
-
-    struct AuthorityDescriptor {    
-        string              authority_name;
-        string              authority_role;
-        TimeOffsetInMinutes last_revocation_check_offset;
-                 // may be >0 or <0; add this to evid. gen. time to
-                 // get latest time at which mech. will check to see
-                 // if this authority's key has been revoked.
-    };
-
-    typedef sequence <AuthorityDescriptor> AuthorityDescriptorList;
-
-    struct MechanismDescriptor {
-        NRMech                  mech_type;
-        AuthorityDescriptorList authority_list;     
-        TimeOffsetInMinutes     max_time_skew; 
-                // max permissible difference between evid. gen. time
-                // and time of time service countersignature
-                // ignored if trusted time not reqd.
-    };
-
-    typedef sequence <MechanismDescriptor> MechanismDescriptorList;
-
-
-    interface NRCredentials : SecurityLevel2::Credentials{
-
-        boolean set_NR_features(
-            in   NRPolicyFeaturesList         requested_features,
-            out  NRPolicyFeaturesList         actual_features 
-        );
-
-        NRPolicyFeaturesList get_NR_features ();            
-
-        void generate_token(
-            in   Security::Opaque             input_buffer,
-            in   EvidenceType                 generate_evidence_type,
-            in   boolean                      include_data_in_token,
-            in   boolean                      generate_request,
-            in   RequestFeatures              request_features,
-            in   boolean                      input_buffer_complete,
-            out  Security::Opaque             nr_token,
-            out  Security::Opaque             evidence_check
-        );
-
-        NRVerificationResult verify_evidence(
-            in   Security::Opaque             input_token_buffer,
-            in   Security::Opaque             evidence_check, 
-            in   boolean                      form_complete_evidence,
-            in   boolean                      token_buffer_complete,
-            out  Security::Opaque             output_token,
-            out  Security::Opaque             data_included_in_token,
-            out  boolean                      evidence_is_complete,
-            out  boolean                      trusted_time_used,
-            out  Security::TimeT              complete_evidence_before,
-            out  Security::TimeT              complete_evidence_after
-        );
-
-        void get_token_details(
-            in   Security::Opaque             token_buffer,
-            in   boolean                      token_buffer_complete,
-            out  string                       token_generator_name,
-            out  NRPolicyFeatures             policy_features,
-            out  EvidenceType                 evidence_type,
-            out  Security::UtcT               evidence_generation_time,
-            out  Security::UtcT               evidence_valid_start_time,
-            out  DurationInMinutes            evidence_validity_duration,
-            out  boolean                      data_included_in_token,
-            out  boolean                      request_included_in_token,
-            out  RequestFeatures              request_features
-        );
-
-        boolean form_complete_evidence(
-            in   Security::Opaque             input_token,
-            out  Security::Opaque             output_token,
-            out  boolean                      trusted_time_used,
-            out  Security::TimeT              complete_evidence_before,
-            out  Security::TimeT              complete_evidence_after
-        );
-    };
-
-
-    interface NRPolicy : CORBA::Policy{
-
-        void get_NR_policy_info(
-            out  Security::ExtensibleFamily   NR_policy_id,
-            out  unsigned long                policy_version,
-            out  Security::TimeT              policy_effective_time,
-            out  Security::TimeT              policy_expiry_time,
-            out  EvidenceDescriptorList       supported_evidence_types,
-            out  MechanismDescriptorList      supported_mechanisms 
-        );
-
-        boolean set_NR_policy_info(
-            in   MechanismDescriptorList      requested_mechanisms,
-            out  MechanismDescriptorList      actual_mechanisms
-        );
-    };
-};
-#endif /* _NR_SERVICE_IDL */

Modified: geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/PortableInterceptor.idl
URL: http://svn.apache.org/viewcvs/geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/PortableInterceptor.idl?rev=373216&r1=373215&r2=373216&view=diff
==============================================================================
--- geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/PortableInterceptor.idl (original)
+++ geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/PortableInterceptor.idl Sat Jan 28 11:04:11 2006
@@ -1,154 +0,0 @@
-// File: PortableInterceptor.idl
-
-#ifndef _PORTABLE_INTERCEPTOR_IDL_
-#define _PORTABLE_INTERCEPTOR_IDL_
-
-#ifndef CORBA3
-#define local  
-#endif
-
-#include <orb.idl>
-#include <Dynamic.idl>
-// #include <IOP_N.idl>
-#include <Messaging.idl>
-
-#pragma prefix "omg.org"
-module PortableInterceptor {
-
-  interface Interceptor {
-    readonly attribute string name;
-  };
-
-  exception ForwardRequest {
-    Object forward;
-  };
-
-  typedef short ReplyStatus;
-
-  // Valid reply_status values:
-  const ReplyStatus SUCCESSFUL = 0;
-  const ReplyStatus SYSTEM_EXCEPTION = 1;
-  const ReplyStatus USER_EXCEPTION = 2;
-  const ReplyStatus LOCATION_FORWARD = 3;
-  const ReplyStatus TRANSPORT_RETRY = 4;
-
-  typedef unsigned long SlotId;
-
-  exception InvalidSlot {};
-
-  interface Current : CORBA::Current {
-    any get_slot (in SlotId id) raises (InvalidSlot);
-    void set_slot (in SlotId id, in any data) raises (InvalidSlot);
-  };
-
-  interface RequestInfo {
-    readonly attribute unsigned long request_id;
-    readonly attribute string operation;
-    readonly attribute Dynamic::ParameterList arguments;
-    readonly attribute Dynamic::ExceptionList exceptions;
-    readonly attribute Dynamic::ContextList contexts;
-    readonly attribute Dynamic::RequestContext operation_context;
-    readonly attribute any result;
-    readonly attribute boolean response_expected;
-    readonly attribute Messaging::SyncScope sync_scope;
-    readonly attribute ReplyStatus reply_status;
-    readonly attribute Object forward_reference;
-    any get_slot (in SlotId id) raises (InvalidSlot);
-    IOP::ServiceContext get_request_service_context (in IOP::ServiceId id);
-    IOP::ServiceContext get_reply_service_context (in IOP::ServiceId id);
-  };
-
-  interface ClientRequestInfo : RequestInfo {
-    readonly attribute Object target;
-    readonly attribute Object effective_target;
-    readonly attribute IOP::TaggedProfile effective_profile;
-    readonly attribute any received_exception;
-    readonly attribute CORBA::RepositoryId received_exception_id;
-    IOP::TaggedComponent get_effective_component (in IOP::ComponentId id);
-    // IOP_N::TaggedComponentSeq get_effective_components (in IOP::ComponentId id);
-    CORBA::Policy get_request_policy (in CORBA::PolicyType type);
-    void add_request_service_context (
-      in IOP::ServiceContext service_context,
-      in boolean replace);
-  };
-
-  interface ServerRequestInfo : RequestInfo {
-    readonly attribute any sending_exception;
-    readonly attribute CORBA::OctetSeq object_id;
-    readonly attribute CORBA::OctetSeq adapter_id;
-    readonly attribute CORBA::RepositoryId target_most_derived_interface;
-    CORBA::Policy get_server_policy (in CORBA::PolicyType type);
-    void set_slot (in SlotId id, in any data) raises (InvalidSlot);
-    boolean target_is_a (in CORBA::RepositoryId id);
-    void add_reply_service_context (
-      in IOP::ServiceContext service_context,
-      in boolean replace);
-  };
-
-  interface ClientRequestInterceptor : Interceptor {
-    void send_request  (in ClientRequestInfo ri) raises (ForwardRequest);
-    void send_poll (in ClientRequestInfo ri);
-    void receive_reply (in ClientRequestInfo ri);
-    void receive_exception (in ClientRequestInfo ri) raises (ForwardRequest);
-    void receive_other (in ClientRequestInfo ri) raises (ForwardRequest);
-  };
-
-  interface ServerRequestInterceptor : Interceptor {
-    void receive_request_service_contexts (in ServerRequestInfo ri) raises (ForwardRequest);
-    void receive_request (in ServerRequestInfo ri) raises (ForwardRequest);
-    void send_reply (in ServerRequestInfo ri);
-    void send_exception (in ServerRequestInfo ri) raises (ForwardRequest);
-    void send_other (in ServerRequestInfo ri) raises (ForwardRequest);
-  };
-
-  interface IORInfo {
-    CORBA::Policy get_effective_policy (in CORBA::PolicyType type);
-    void add_ior_component (in IOP::TaggedComponent component);
-    void add_ior_component_to_profile (
-      in IOP::TaggedComponent component,
-      in IOP::ProfileId profile_id);
-    };
-
-  interface IORInterceptor : Interceptor {
-    void establish_components (in IORInfo info);
-  };
-
-  interface PolicyFactory
-  {
-    CORBA::Policy create_policy (in CORBA::PolicyType type, in any value)
-      raises (CORBA::PolicyError);
-  };
-
-  interface ORBInitInfo {
-    typedef string ObjectId;
-    exception DuplicateName {
-      string name;
-    };
-    exception InvalidName {};
-
-    readonly attribute CORBA::StringSeq arguments;
-    readonly attribute string orb_id;
-    readonly attribute IOP::CodecFactory codec_factory;
-    void register_initial_reference (in ObjectId id, in Object obj)
-      raises (InvalidName);
-    Object resolve_initial_references (in ObjectId id) raises (InvalidName);
-    void add_client_request_interceptor (in ClientRequestInterceptor interceptor)
-      raises (DuplicateName);
-    void add_server_request_interceptor (
-      in ServerRequestInterceptor interceptor)
-      raises (DuplicateName);
-    void add_ior_interceptor (in IORInterceptor interceptor)
-      raises (DuplicateName);
-    SlotId allocate_slot_id ();
-    void register_policy_factory (
-      in CORBA::PolicyType type,
-      in PolicyFactory policy_factory);
-  };
-
-  interface ORBInitializer {
-    void pre_init (in ORBInitInfo info);
-    void post_init (in ORBInitInfo info);
-  };
-};
-#endif  // _PORTABLE_INTERCEPTOR_IDL_
-

Modified: geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SSLIOP.idl
URL: http://svn.apache.org/viewcvs/geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SSLIOP.idl?rev=373216&r1=373215&r2=373216&view=diff
==============================================================================
--- geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SSLIOP.idl (original)
+++ geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SSLIOP.idl Sat Jan 28 11:04:11 2006
@@ -1,15 +1,53 @@
+/*
+
+Copyright 1995 AT&T Global Information Solutions Company
+Copyright 1995 Digital Equipment Corporation
+Copyright 1995 Expersoft Corporation
+Copyright 1995 Groupe Bull
+Copyright 1995 Hewlett-Packard Company
+Copyright 1995 IBM (in collaboration with Taligent, Inc.)
+Copyright 1995 International Computers Limited
+Copyright 2002 Object Management Group, Inc.
+Copyright 1997 Netscape Communications Corporation
+Copyright 1997 Northern Telecom LImited
+Copyright 1995 Novell, Inc.
+Copyright 1995 Siemens Nixdorf Informationssysteme AG
+Copyright 1995, 1997 SunSoft, Inc.
+Copyright 1995 Tandem Computer Inc. (in collaboration with Odyssey Research Assoc., Inc.)
+Copyright 1995 Tivoli Systems, Inc.
+Copyright 1997 Visigenic Software, Inc.
+
+The companies listed above have granted to the Object Management Group, Inc. (OMG) a nonexclusive, royalty-free, paid up,
+worldwide license to copy and distribute this document and to modify this document and distribute copies of the modified version.
+Each of the copyright holders listed above has agreed that no person shall be deemed to have infringed the copyright in
+the included material of any such copyright holder by reason of having used the specification set forth herein or having conformed
+any computer software to the specification.
+
+PATENT
+
+The attention of adopters is directed to the possibility that compliance with or adoption of OMG specifications may require use
+of an invention covered by patent rights. OMG shall not be responsible for identifying patents for which a license may be
+required by any OMG specification, or for conducting legal inquiries into the legal validity or scope of those patents that are
+brought to its attention. OMG specifications are prospective and advisory only. Prospective users are responsible for protecting
+themselves against liability for infringement of patents.
+
+*/
+
 #ifndef _SSLIOP_IDL
 #define _SSLIOP_IDL
+#pragma prefix "omg.org"
 #include <IOP.idl>
 #include <Security.idl>
-#pragma prefix "omg.org"
+
 module SSLIOP {
-    // Security mechanism SSL
-    const IOP::ComponentId TAG_SSL_SEC_TRANS = 20;
-    struct SSL {
-        Security::AssociationOptions target_supports;
-        Security::AssociationOptions target_requires;
-        unsigned short port;
-    };
+	// Security mechanism SSL
+
+	const IOP::ComponentId TAG_SSL_SEC_TRANS = 20;
+
+	struct SSL {
+		Security::AssociationOptions target_supports;
+		Security::AssociationOptions target_requires;
+		unsigned short port;
+	};
 };
 #endif /* _SSLIOP_IDL */
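Review bot: Moving `#pragma prefix "omg.org"` above `#include <IOP.idl>` and `#include <Security.idl>` leaves the prefix active while those files are processed, so on an IDL compiler that does not give each included file its own prefix scope, the repository IDs of included definitions depend on each include setting its own prefix. Security.idl does declare `#pragma prefix "omg.org"` in this commit, but IOP.idl is not shown here, so either confirm it does the same or keep the pragma after the includes as it was. This file also keeps angle-bracket includes while the same commit switches Security.idl to quoted ones (`"geronimo-orb.idl"`, `"TimeBase.idl"`), so the two files resolve includes differently unless the build passes a matching search path. Since `struct SSL` is what advertises the transport's protection requirements, a short comment would help readers, e.g. `// target_requires: AssociationOptions the client must satisfy; target_supports: options the target can offer`.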

Modified: geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecIOP.idl
URL: http://svn.apache.org/viewcvs/geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecIOP.idl?rev=373216&r1=373215&r2=373216&view=diff
==============================================================================
--- geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecIOP.idl (original)
+++ geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecIOP.idl Sat Jan 28 11:04:11 2006
@@ -1,156 +0,0 @@
-#ifndef _SECIOP_IDL_
-#define _SECIOP_IDL
-#include <IOP.idl>
-#include <Security.idl>
-#pragma prefix "omg.org"
-module SECIOP {
-    const IOP::ComponentId TAG_GENERIC_SEC_MECH = 22;
-    const IOP::ComponentId TAG_ASSOCIATION_OPTIONS = 13;
-    const IOP::ComponentId TAG_SEC_NAME = 14;
-    struct TargetAssociationOptions{
-        Security::AssociationOptions target_supports;
-        Security::AssociationOptions target_requires;
-    };
-    struct GenericMechanismInfo {
-        sequence <octet> security_mechanism_type;
-        sequence <octet> mech_specific_data;
-        sequence <IOP::TaggedComponent> components;
-    };
-
-    enum MsgType {
-        MTEstablishContext,
-        MTCompleteEstablishContext,
-        MTContinueEstablishContext,
-        MTDiscardContext,
-        MTMessageError,
-        MTMessageInContext
-    };
-    typedef unsigned long long ContextId;
-    enum ContextIdDefn {
-        CIDClient,
-        CIDPeer,
-        CIDSender
-    };
-    struct EstablishContext {
-        ContextId client_context_id;
-        sequence <octet> initial_context_token;
-    };
-    struct CompleteEstablishContext {
-        ContextId client_context_id;
-        boolean target_context_id_valid;
-        ContextId target_context_id;
-        sequence <octet> final_context_token;
-    };
-    struct ContinueEstablishContext {
-        ContextId client_context_id;
-        sequence <octet> continuation_context_token;
-    };
-    struct DiscardContext {
-        ContextIdDefn message_context_id_defn;
-        ContextId message_context_id;
-        sequence <octet> discard_context_token;
-    };
-    struct MessageError {
-        ContextIdDefn message_context_id_defn;
-        ContextId message_context_id;
-        long major_status;
-        long minor_status;
-    };
-    enum ContextTokenType {
-        SecTokenTypeWrap,
-        SecTokenTypeMIC
-    };
-    struct MessageInContext {
-        ContextIdDefn message_context_id_defn;
-        ContextId message_context_id;
-        ContextTokenType message_context_type;
-        sequence <octet> message_protection_token;
-    };
-    // message_protection_token is obtained by CDR encoding
-    // the following SequencingHeader followed by the octets of the
-    // frame data. SequencingHeader + Frame Data is called a
-    // SequencedDataFrame
-    struct SequencingHeader {
-        octet control_state;
-        unsigned long direct_sequence_number;
-        unsigned long reverse_sequence_number;
-        unsigned long reverse_window;
-    };
-    typedef sequence <octet> SecurityName;
-    typedef unsigned short CryptographicProfile;
-    typedef sequence <CryptographicProfile> CryptographicProfileList;
-    // Cryptographic profiles for SPKM
-    const CryptographicProfile MD5_RSA = 20;
-    const CryptographicProfile MD5_DES_CBC = 21;
-    const CryptographicProfile DES_CBC = 22;
-    const CryptographicProfile MD5_DES_CBC_SOURCE = 23;
-    const CryptographicProfile DES_CBC_SOURCE = 24;
-    // Security Mechanism SPKM_1
-    const IOP::ComponentId TAG_SPKM_1_SEC_MECH = 15;
-    struct SPKM_1 {
-        Security::AssociationOptions target_supports;
-        Security::AssociationOptions target_requires;
-        CryptographicProfileList crypto_profile;
-        SecurityName security_name;
-    };
-    // Security Mechanism SPKM_1
-    const IOP::ComponentId TAG_SPKM_2_SEC_MECH = 16;
-    struct SPKM_2 {
-        Security::AssociationOptions target_supports;
-        Security::AssociationOptions target_requires;
-        CryptographicProfileList crypto_profile;
-        SecurityName security_name;
-    };
-    // Cryptographic profiles for GSS Kerberos Protocol
-    const CryptographicProfile DES_CBC_DES_MAC = 10;
-    const CryptographicProfile DES_CBC_MD5 = 11;
-    const CryptographicProfile DES_MAC = 12;
-    const CryptographicProfile MD5 = 13;
-    // Security Mechanism KerberosV5
-    const IOP::ComponentId TAG_KerberosV5_SEC_MECH = 17;
-    struct KerberosV5 {
-        Security::AssociationOptions target_supports;
-        Security::AssociationOptions target_requires;
-        CryptographicProfileList crypto_profile;
-        SecurityName security_name;
-    };
-    // Cryptographic profiles for CSI-ECMA Protocol
-    const CryptographicProfile FullSecurity = 1;
-    const CryptographicProfile NoDataConfidentiality = 2;
-    const CryptographicProfile LowGradeConfidentiality = 3;
-    const CryptographicProfile AgreedDefault = 5;
-    // Security Mechanism CSI_ECMA_Secret
-    const IOP::ComponentId TAG_CSI_ECMA_Secret_SEC_MECH = 18;
-    struct CSI_ECMA_Secret {
-        Security::AssociationOptions target_supports;
-        Security::AssociationOptions target_requires;
-        CryptographicProfileList crypto_profile;
-        SecurityName security_name;
-    };
-    // Security Mechanism CSI_ECMA_Hybrid
-    const IOP::ComponentId TAG_CSI_ECMA_Hybrid_SEC_MECH = 19;
-    struct CSI_ECMA_Hybrid {
-        Security::AssociationOptions target_supports;
-        Security::AssociationOptions target_requires;
-        CryptographicProfileList crypto_profile;
-        SecurityName security_name;
-    };
-    // Security Mechanism CSI_ECMA_Public
-    const IOP::ComponentId TAG_CSI_ECMA_Public_SEC_MECH = 21;
-    struct CSI_ECMA_Public {
-        Security::AssociationOptions target_supports;
-        Security::AssociationOptions target_requires;
-        CryptographicProfileList crypto_profile;
-        SecurityName security_name;
-    };
-    // Tagged component for configuring SECIOP as a CSIv2 mechanism transport
-    const IOP::ComponentId TAG_SECIOP_SEC_TRANS = 35;
-    struct SECIOP_SEC_TRANS {
-        Security::AssociationOptions target_supports;
-        Security::AssociationOptions target_requires;
-        Security::OID mech_oid;
-        Security::GSS_NT_ExportedName target_name;
-        unsigned short port;
-    };
-};
-#endif /* _SECIOP_IDL */

Modified: geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/Security.idl
URL: http://svn.apache.org/viewcvs/geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/Security.idl?rev=373216&r1=373215&r2=373216&view=diff
==============================================================================
--- geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/Security.idl (original)
+++ geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/Security.idl Sat Jan 28 11:04:11 2006
@@ -1,313 +1,412 @@
+//Security Service, v1.8 - OMG IDL Summary File
+//Object Management Group, Inc.
+//
+//Copyright 1995, AT&T Global Information Solutions Company
+//Copyright 1995, Digital Equipment Corporation
+//Copyright 1995, Expersoft Corporation
+//Copyright 1995, Groupe Bull
+//Copyright 1995, Hewlett-Packard Company
+//Copyright 1995, IBM (in collaboration with Taligent, Inc.)
+//Copyright 1995, International Computers Limited
+//Copyright 2000, Object Management Group, Inc.
+//Copyright 1995, Netscape Communications Corporation
+//Copyright 1997, Northern Telecom Limited
+//Copyright 1995, Novell, Inc.
+//Copyright 1995, Siemens Nixdorf Informationssysteme AG
+//Copyright 1995, 1997, SunSoft, Inc.
+//Copyright 1995, Tandem Computer, Inc. (in collaboration with Odyssey Research Assoc, Inc.)
+//Copyright 1995, Tivoli Systems, Inc.
+//Copyright 1997, Visigenic Software, Inc.
+//
+//The companies listed above have granted to the Object Management Group, Inc.
+//(OMG) a nonexclusive, royalty-free, paid up, worldwide license to copy and
+//distribute this document and to modify this document and distribute copies of
+//the modified version. Each of the copyright holders listed above has agreed
+//that no person shall be deemed to have infringed the copyright in the included
+//material of any such copyright holder by reason of having used the
+//specification set forth herein or having conformed any computer software to
+//the specification.
+//
+//This file contains OMG IDL from the Security Service, v1.8 specification.
+//OMG regularly publishes a summary file that contains all the "code" parts of
+//an OMG formal document. Every formal document line that is IDL, PIDL, or
+//language code is included in the summary file. The reason for such a listing
+//is to give readers an electronic version of the "code" so that they can
+//extract pieces of it. Readers might want to test an example, include it in
+//their own code, or use it for documentation purposes. Having the code lines
+//available electronically means there is less likelihood of a transcription
+//error.
+//
+//This subsection defines the OMG IDL for security data types common to the
+//other security modules, which is the module Security. The Security module
+//depends on the TimeBase module and the CORBA module.
+
+
+
+
 #ifndef _SECURITY_IDL_
 #define _SECURITY_IDL_
-
-#include <orb.idl>
-#include <TimeBase.idl>
+#include "geronimo-orb.idl"
+#include "TimeBase.idl"
 #pragma prefix "omg.org"
+
 module Security {
-# pragma version Security 1.5
-    typedef string SecurityName;
-    typedef sequence <octet> Opaque;
-    // Constant declarations for Security Service Options
-    const CORBA::ServiceOption SecurityLevel1 = 1;
-    const CORBA::ServiceOption SecurityLevel2 = 2;
-    const CORBA::ServiceOption NonRepudiation = 3;
-    const CORBA::ServiceOption SecurityORBServiceReady = 4;
-    const CORBA::ServiceOption SecurityServiceReady = 5;
-    const CORBA::ServiceOption ReplaceORBServices = 6;
-    const CORBA::ServiceOption ReplaceSecurityServices = 7;
-    const CORBA::ServiceOption StandardSecureInteroperability = 8;
-    const CORBA::ServiceOption DCESecureInteroperability = 9;
-    // Service options for Common Secure Interoperability
-    const CORBA::ServiceOption CommonInteroperabilityLevel0 = 10;
-    const CORBA::ServiceOption CommonInteroperabilityLevel1 = 11;
-    const CORBA::ServiceOption CommonInteroperabilityLevel2 = 12;
-    // Security mech types supported for secure association
-    const CORBA::ServiceDetailType SecurityMechanismType = 1;
-    // privilege types supported in standard access policy
-    const CORBA::ServiceDetailType SecurityAttribute = 2;
-    // extensible families for standard data types
-    struct ExtensibleFamily {
-        unsigned short family_definer;
-        unsigned short family;
-    };
-    // security attributes
-    typedef unsigned long SecurityAttributeType;
-    // other attributes; family = 0
-    const SecurityAttributeType AuditId = 1;
-    const SecurityAttributeType AccountingId = 2;
-    const SecurityAttributeType NonRepudiationId = 3;
-    // privilege attributes; family = 1
-    const SecurityAttributeType _Public = 1;
-    const SecurityAttributeType AccessId = 2;
-    const SecurityAttributeType PrimaryGroupId = 3;
-    const SecurityAttributeType GroupId = 4;
-    const SecurityAttributeType Role = 5;
-    const SecurityAttributeType AttributeSet = 6;
-    const SecurityAttributeType Clearance = 7;
-    const SecurityAttributeType Capability = 8;
-    struct AttributeType {
-        ExtensibleFamily attribute_family;
-        SecurityAttributeType attribute_type;
-    };
-    typedef sequence<AttributeType> AttributeTypeList;
-    struct SecAttribute {
-        AttributeType attribute_type;
-        Opaque defining_authority;
-        Opaque value;
-        // the value of this attribute can be
-        // interpreted only with knowledge of type
-    };
-    typedef sequence <SecAttribute> AttributeList;
-    // Authentication return status
-    enum AuthenticationStatus {
-        SecAuthSuccess,
-        SecAuthFailure,
-        SecAuthContinue,
-        SecAuthExpired
-    };
-    // Association return status
-    enum AssociationStatus {
-        SecAssocSuccess,
-        SecAssocFailure,
-        SecAssocContinue
-    };
-    // Authentication method
-    typedef unsigned long AuthenticationMethod;
-    typedef sequence<AuthenticationMethod> AuthenticationMethodList;
-    // Credential types which can be set as Current default
-    enum CredentialType {
-        SecInvocationCredentials,
-        SecNRCredentials
-    };
-    enum InvocationCredentialsType {
-        SecOwnCredentials,
-        SecReceivedCredentials
-    };
-    // Declarations related to Rights
-    struct Right {
-        ExtensibleFamily rights_family;
-        string right;
-    };
-    typedef sequence <Right> RightsList;
-    enum RightsCombinator {
-        SecAllRights,
-        SecAnyRight
-    };
-    // Delegation related
-    enum DelegationState {
-        SecInitiator,
-        SecDelegate
-    };
-    enum DelegationDirective {
-        Delegate,
-        NoDelegate
-    };
-    // pick up from TimeBase
-    typedef TimeBase::UtcT UtcT;
-    typedef TimeBase::IntervalT IntervalT;
-    typedef TimeBase::TimeT TimeT;
-    // Security features available on credentials.
-    enum SecurityFeature {
-        SecNoDelegation,
-        SecSimpleDelegation,
-        SecCompositeDelegation,
-        SecNoProtection,
-        SecIntegrity,
-        SecConfidentiality,
-        SecIntegrityAndConfidentiality,
-        SecDetectReplay,
-        SecDetectMisordering,
-        SecEstablishTrustInTarget,
-        SecEstablishTrustInClient
-    };
-    // Quality of protection which can be specified
-    // for an object reference and used to protect messages
-    enum QOP {
-        SecQOPNoProtection,
-        SecQOPIntegrity,
-        SecQOPConfidentiality,
-        SecQOPIntegrityAndConfidentiality
-    };
-    // Type of SecurityContext
-    enum SecurityContextType {
-        SecClientSecurityContext,
-        SecServerSecurityContext
-    };
-    // Operational State of a Security Context
-    enum SecurityContextState {
-        SecContextInitialized,
-        SecContextContinued,
-        SecContextClientEstablished,
-        SecContextEstablished,
-        SecContextEstablishExpired,
-        SecContextExpired,
-        SecContextInvalid
-    };
-    // For use with SecurityReplaceable
-    struct OpaqueBuffer {
-        Opaque buffer;
-        unsigned long startpos;
-        unsigned long endpos;
-        // startpos <= endpos
-        // OpaqueBuffer is said to be empty if startpos == endpos
-    };
-    // Association options which can be administered
-    // on secure invocation policy and used to
-    // initialize security context
-    typedef unsigned short AssociationOptions;
-    const AssociationOptions NoProtection = 1;
-    const AssociationOptions Integrity = 2;
-    const AssociationOptions Confidentiality = 4;
-    const AssociationOptions DetectReplay = 8;
-    const AssociationOptions DetectMisordering = 16;
-    const AssociationOptions EstablishTrustInTarget = 32;
-    const AssociationOptions EstablishTrustInClient = 64;
-    const AssociationOptions NoDelegation = 128;
-    const AssociationOptions SimpleDelegation = 256;
-    const AssociationOptions CompositeDelegation = 512;
-    const AssociationOptions IdentityAssertion = 1024;
-    const AssociationOptions DelegationByClient = 2048;
-    //Types Defined for CSIv2
-    typedef sequence <octet> OID;
-    // An X509CertificateChain contains an ASN.1 BER encoded SEQUENCE [1..MAX]
-    // OF X.509 certificates encapsulated in a sequence of octets. The
-    // subject’s certificate shall come first in the list. Each following
-    // certificate shall directly certify the one preceding it. The ASN.1
-    // representation of Certificate is as defined in [IETF RFC 2459].
-    typedef sequence <octet> X509CertificateChain;
-    // an X.501 type name or Distinguished Name encapsulated in a sequence of
-    // octets containing the ASN.1 encoding.
-    
-    typedef sequence <octet> X501DistinguishedName;
-    typedef sequence <octet> UTF8String;
-    typedef UTF8String NameValue;
-    struct ScopedName {
-        Security::NameValue name_scope;
-        Security::NameValue name_value;
-    };
-    // A sequence of octets containing a GSStoken. Initial context tokens are
-    // ASN.1 encoded as defined in [IETF RFC 2743] Section 3.1,
-    // "Mechanism-Independent token Format", pp. 81-82. Initial context tokens
-    // contain an ASN.1 tag followed by a token length, a mechanism identifier,
-    // and a mechanism-specific token (i.e. a GSSUP::InitialContextToken). The
-    // encoding of all other GSS tokens (e.g.  error tokens and final context
-    // tokens) is mechanism dependent.
-    typedef sequence <octet> GSSToken;
-    // An encoding of a GSS Mechanism-Independent Exported Name Object as
-    // defined in [IETF RFC 2743] Section 3.2, "GSS Mechanism-Independent
-    // Exported Name Object Format," p. 84.
-    typedef sequence <octet> GSS_NT_ExportedName;
-    // End types defined for CSIv2 Flag to indicate whether association options
-    // being administered are the “required” or “supported” set
-    enum RequiresSupports {
-        SecRequires,
-        SecSupports
-    };
-    // Direction of communication for which
-    // secure invocation policy applies
-    enum CommunicationDirection {
-        SecDirectionBoth,
-        SecDirectionRequest,
-        SecDirectionReply
-    };
-    // security association mechanism type
-    typedef string MechanismType;
-    typedef sequence<MechanismType> MechanismTypeList;
-    struct SecurityMechanismData {
-        MechanismType mechanism;
-        Opaque security_name;
-        AssociationOptions options_supported;
-        AssociationOptions options_required;
-    };
-    typedef sequence<SecurityMechanismData>SecurityMechanismDataList;
-    // AssociationOptions-Direction pair
-    struct OptionsDirectionPair {
-        AssociationOptions options;
-        CommunicationDirection direction;
-    };
-    typedef sequence <OptionsDirectionPair> OptionsDirectionPairList;
-    // Delegation mode which can be administered
-    enum DelegationMode {
-        SecDelModeNoDelegation, // i.e. use own credentials
-        SecDelModeSimpleDelegation, // delegate received credentials
-        SecDelModeCompositeDelegation // delegate both;
-    };
-    // Association options supported by a given mech type
-    struct MechandOptions {
-        MechanismType mechanism_type;
-        AssociationOptions options_supported;
-    };
-    typedef sequence <MechandOptions> MechandOptionsList;
-    // Attribute of the SecurityLevel2::EstablishTrustPolicy
-    struct EstablishTrust {
-        boolean trust_in_client;
-        boolean trust_in_target;
-    };
-    // Audit
-    typedef unsigned long AuditChannelId;
-    typedef unsigned short EventType;
-    const EventType AuditAll = 0;
-    const EventType AuditPrincipalAuth = 1;
-    const EventType AuditSessionAuth = 2;
-    const EventType AuditAuthorization = 3;
-    const EventType AuditInvocation = 4;
-    const EventType AuditSecEnvChange = 5;
-    const EventType AuditPolicyChange = 6;
-    const EventType AuditObjectCreation = 7;
-    const EventType AuditObjectDestruction = 8;
-    const EventType AuditNonRepudiation = 9;
-    enum DayOfTheWeek {
-        Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday};
-    enum AuditCombinator {
-        SecAllSelectors,
-        SecAnySelector
-    };
-    struct AuditEventType {
-        ExtensibleFamily event_family;
-        EventType event_type;
-    };
-    typedef sequence <AuditEventType> AuditEventTypeList;
-    typedef unsigned long SelectorType;
-    const SelectorType InterfaceName = 1;
-    const SelectorType ObjectRef = 2;
-    const SelectorType Operation = 3;
-    const SelectorType Initiator = 4;
-    const SelectorType SuccessFailure = 5;
-    const SelectorType Time = 6;
-    const SelectorType DayOfWeek = 7;
-    // values defined for audit_needed and audit_write are:
-    // InterfaceName: CORBA::RepositoryId
-    // ObjectRef: object reference
-    // Operation: op_name
-    // Initiator: Credentials
-    // SuccessFailure: boolean
-    // Time: utc time on audit_write; time picked up from
-    // environment in audit_needed if required
-    // DayOfWeek: DayOfTheWeek
-    struct SelectorValue {
-        SelectorType selector;
-        any value;
-    };
-    typedef sequence <SelectorValue> SelectorValueList;
-    // Constant declaration for valid Security Policy Types
-    // General administrative policies
-    const CORBA::PolicyType SecClientInvocationAccess = 1;
-    const CORBA::PolicyType SecTargetInvocationAccess = 2;
-    const CORBA::PolicyType SecApplicationAccess = 3;
-    const CORBA::PolicyType SecClientInvocationAudit = 4;
-    const CORBA::PolicyType SecTargetInvocationAudit = 5;
-    const CORBA::PolicyType SecApplicationAudit = 6;
-    const CORBA::PolicyType SecDelegation = 7;
-    const CORBA::PolicyType SecClientSecureInvocation = 8;
-    const CORBA::PolicyType SecTargetSecureInvocation = 9;
-    const CORBA::PolicyType SecNonRepudiation = 10;
-    // Policies used to control attributes of a binding to a target
-    const CORBA::PolicyType SecMechanismsPolicy = 12;
-    const CORBA::PolicyType SecInvocationCredentialsPolicy = 13;
-    const CORBA::PolicyType SecFeaturePolicy = 14; // obsolete
-    const CORBA::PolicyType SecQOPPolicy = 15;
-    const CORBA::PolicyType SecDelegationDirectivePolicy = 38;
-    const CORBA::PolicyType SecEstablishTrustPolicy = 39;
+
+# pragma version Security 1.8
+
+	typedef string 			SecurityName;
+	typedef sequence <octet> 	Opaque;
+	
+	// Constant declarations for Security Service Options
+	
+	const CORBA::ServiceOption SecurityLevel1 = 1;
+	const CORBA::ServiceOption SecurityLevel2 = 2;
+	const CORBA::ServiceOption NonRepudiation = 3;
+	const CORBA::ServiceOption SecurityORBServiceReady = 4;
+	const CORBA::ServiceOption SecurityServiceReady = 5;
+	const CORBA::ServiceOption ReplaceORBServices = 6;
+	const CORBA::ServiceOption ReplaceSecurityServices = 7;
+	const CORBA::ServiceOption StandardSecureInteroperability = 8;
+	const CORBA::ServiceOption DCESecureInteroperability = 9;
+	
+	// Service options for Common Secure Interoperability
+	
+	const CORBA::ServiceOption CommonInteroperabilityLevel0 = 10;
+	const CORBA::ServiceOption CommonInteroperabilityLevel1 = 11;
+	const CORBA::ServiceOption CommonInteroperabilityLevel2 = 12;
+	
+	// Security mech types supported for secure association
+	const CORBA::ServiceDetailType SecurityMechanismType = 1;
+	
+	// privilege types supported in standard access policy
+	const CORBA::ServiceDetailType SecurityAttribute = 2;
+	
+	// extensible families for standard data types
+	
+	struct ExtensibleFamily {
+		unsigned short family_definer;
+		unsigned short family;
+	};
+	
+	typedef sequence<octet> 	OID;
+	
+	typedef sequence<OID> 		OIDList;
+	
+	// security attributes
+	
+	typedef unsigned long SecurityAttributeType;
+	
+	// other attributes; family = 0
+	
+	const SecurityAttributeType AuditId = 1;
+	const SecurityAttributeType AccountingId = 2;
+	const SecurityAttributeType NonRepudiationId = 3;
+
+	// privilege attributes; family = 1
+	
+	const SecurityAttributeType _Public = 1;
+	const SecurityAttributeType AccessId = 2;
+	const SecurityAttributeType PrimaryGroupId = 3;
+	const SecurityAttributeType GroupId = 4;
+	const SecurityAttributeType Role = 5;
+	const SecurityAttributeType AttributeSet = 6;
+	const SecurityAttributeType Clearance = 7;
+	const SecurityAttributeType Capability = 8;
+	
+	struct AttributeType {
+		ExtensibleFamily attribute_family;
+		SecurityAttributeType attribute_type;
+	};
+	
+	typedef sequence<AttributeType> AttributeTypeList;
+	
+	struct SecAttribute {
+		AttributeType attribute_type;
+		OID defining_authority;
+		Opaque value;
+		// the value of this attribute can be
+		// decoded only with knowledge of defining_authority
+	};
+	
+	typedef sequence <SecAttribute> AttributeList;
+	
+	// Authentication return status
+	
+	enum AuthenticationStatus {
+	SecAuthSuccess,
+		SecAuthFailure,
+		SecAuthContinue,
+		SecAuthExpired
+	};
+	
+	// Association return status
+	
+	enum AssociationStatus {
+		SecAssocSuccess,
+		SecAssocFailure,
+		SecAssocContinue
+	};
+	
+	// Authentication method
+	
+	typedef unsigned long AuthenticationMethod;
+	
+	typedef sequence<AuthenticationMethod> AuthenticationMethodList;
+	
+	// Credential types
+	
+	enum InvocationCredentialsType {
+		SecOwnCredentials,
+		SecReceivedCredentials,
+		SecTargetCredentials
+	};
+	
+	// Declarations related to Rights
+	struct Right {
+		ExtensibleFamily rights_family;
+		string the_right;
+	};
+	
+	typedef sequence <Right> RightsList;
+	
+	enum RightsCombinator {
+		SecAllRights,
+		SecAnyRight
+	};
+	
+	// Delegation related
+	
+	enum DelegationState {
+		SecInitiator,
+		SecDelegate
+	};
+	
+	enum DelegationDirective {
+		Delegate,
+		NoDelegate
+	};
+	
+	// pick up from TimeBase
+	
+	typedef TimeBase::UtcT UtcT;
+	typedef TimeBase::IntervalT IntervalT;
+	typedef TimeBase::TimeT TimeT;
+	
+	// Security features available on credentials.
+	
+	enum SecurityFeature {
+		SecNoDelegation,
+		SecSimpleDelegation,
+		SecCompositeDelegation,
+		SecNoProtection,
+		SecIntegrity,
+		SecConfidentiality,
+		SecIntegrityAndConfidentiality,
+		SecDetectReplay,
+		SecDetectMisordering,
+		SecEstablishTrustInTarget,
+		SecEstablishTrustInClient
+	};
+	
+	// Quality of protection which can be specified
+	// for an object reference and used to protect messages
+	
+	enum QOP {
+		SecQOPNoProtection,
+		SecQOPIntegrity,
+		SecQOPConfidentiality,
+		SecQOPIntegrityAndConfidentiality
+	};
+	
+	// Type of SecurityContext
+	
+	enum SecurityContextType {
+		SecClientSecurityContext,
+		SecServerSecurityContext
+	};
+	
+	// Operational State of a Security Context
+	
+	enum SecurityContextState {
+		SecContextInitialized,
+		SecContextContinued,
+		SecContextClientEstablished,
+		SecContextEstablished,
+		SecContextEstablishExpired,
+		SecContextExpired,
+		SecContextInvalid
+	};
+	
+	struct ChannelBindings {
+		unsigned long initiator_addrtype;
+		sequence<octet> initiator_address;
+		unsigned long acceptor_addrtype;
+		sequence<octet> acceptor_address;
+		sequence<octet> application_data;
+	};
+	
+	// For use with SecurityReplaceable
+	
+	struct OpaqueBuffer {
+		Opaque buffer;
+		unsigned long startpos;
+		unsigned long endpos;
+		// startpos <= endpos
+		// OpaqueBuffer is said to be empty if startpos == endpos
+	};
+	
+	// Association options which can be administered
+	// on secure invocation policy and used to
+	// initialize security context
+	
+	typedef unsigned short AssociationOptions;
+	
+	const AssociationOptions NoProtection = 1;
+	const AssociationOptions Integrity = 2;
+	const AssociationOptions Confidentiality = 4;
+	const AssociationOptions DetectReplay = 8;
+	const AssociationOptions DetectMisordering = 16;
+	const AssociationOptions EstablishTrustInTarget = 32;
+	const AssociationOptions EstablishTrustInClient = 64;
+	const AssociationOptions NoDelegation = 128;
+	const AssociationOptions SimpleDelegation = 256;
+	const AssociationOptions CompositeDelegation = 512;
+	
+	// Flag to indicate whether association options being
+	// administered are the "required" or "supported" set
+	
+	enum RequiresSupports {
+		SecRequires,
+		SecSupports
+	};
+	
+	// Direction of communication for which
+	// secure invocation policy applies
+	
+	enum CommunicationDirection {
+		SecDirectionBoth,
+		SecDirectionRequest,
+		SecDirectionReply
+	};
+	
+	// security association mechanism type
+	
+	typedef string MechanismType;
+	typedef sequence<MechanismType> MechanismTypeList;
+	
+	// AssociationOptions-Direction pair
+	
+	struct OptionsDirectionPair {
+		AssociationOptions options;
+		CommunicationDirection direction;
+	};
+	
+	typedef sequence <OptionsDirectionPair> OptionsDirectionPairList;
+	
+	// Delegation mode which can be administered
+	
+	enum DelegationMode {
+		SecDelModeNoDelegation, // i.e. use own credentials
+		SecDelModeSimpleDelegation, // delegate received credentials
+		SecDelModeCompositeDelegation // delegate both;
+	};
+	
+	// Association options supported by a given mech type
+	
+	struct MechandOptions {
+		MechanismType mechanism_type;
+		AssociationOptions options_supported;
+	};
+	
+	typedef sequence <MechandOptions> MechandOptionsList;
+	
+	// Attribute of the SecurityLevel2::EstablishTrustPolicy
+	
+	struct EstablishTrust {
+		boolean trust_in_client;
+		boolean trust_in_target;
+	};
+	
+	// Audit
+	
+	typedef unsigned long AuditChannelId;
+	typedef unsigned short EventType;
+	
+	const EventType AuditAll = 0;
+	const EventType AuditPrincipalAuth = 1;
+	const EventType AuditSessionAuth = 2;
+	const EventType AuditAuthorization = 3;
+	const EventType AuditInvocation = 4;
+	const EventType AuditSecEnvChange = 5;
+	const EventType AuditPolicyChange = 6;
+	const EventType AuditObjectCreation = 7;
+	const EventType AuditObjectDestruction = 8;
+	const EventType AuditNonRepudiation = 9;
+	
+	enum DayOfTheWeek {
+		Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday
+	};
+		
+	enum AuditCombinator {
+		SecAllSelectors,
+		SecAnySelector
+	};
+	
+	struct AuditEventType {
+		ExtensibleFamily event_family;
+		EventType event_type;
+	};
+	
+	typedef sequence <AuditEventType> AuditEventTypeList;
+
+	typedef unsigned long SelectorType;
+	
+	const SelectorType InterfaceName = 1;
+	const SelectorType ObjectRef = 2;
+	const SelectorType Operation = 3;
+	const SelectorType Initiator = 4;
+	const SelectorType SuccessFailure = 5;
+	const SelectorType Time = 6;
+	const SelectorType DayOfWeek = 7;
+	
+	// values defined for audit_needed and audit_write are:
+	// InterfaceName: CORBA::RepositoryId
+	// ObjectRef: object reference
+	// Operation: op_name
+	// Initiator: Credentials
+	// SuccessFailure: boolean
+	// Time: utc time on audit_write; time picked up from
+	// environment in audit_needed if required
+	// DayOfWeek: DayOfTheWeek
+	
+	struct SelectorValue {
+		SelectorType selector;
+		any value;
+	};
+	
+	typedef sequence <SelectorValue> SelectorValueList;
+	
+	// Constant declaration for valid Security Policy Types
+	
+	// General administrative policies
+	
+	const CORBA::PolicyType SecClientInvocationAccess = 1;
+	const CORBA::PolicyType SecTargetInvocationAccess = 2;
+	const CORBA::PolicyType SecApplicationAccess = 3;
+	const CORBA::PolicyType SecClientInvocationAudit = 4;
+	const CORBA::PolicyType SecTargetInvocationAudit = 5;
+	const CORBA::PolicyType SecApplicationAudit = 6;
+	const CORBA::PolicyType SecDelegation = 7;
+	const CORBA::PolicyType SecClientSecureInvocation = 8;
+	const CORBA::PolicyType SecTargetSecureInvocation = 9;
+	const CORBA::PolicyType SecNonRepudiation = 10;
+	
+	// Policies used to control attributes of a binding to a target
+	const CORBA::PolicyType SecMechanismsPolicy = 12;
+	const CORBA::PolicyType SecInvocationCredentialsPolicy = 13;
+	const CORBA::PolicyType SecFeaturePolicy = 14; // obsolete
+	const CORBA::PolicyType SecQOPPolicy = 15;
+	const CORBA::PolicyType SecDelegationDirectivePolicy = 38;
+	const CORBA::PolicyType SecEstablishTrustPolicy = 39;
 };
 #endif /* _SECURITY_IDL_ */

Modified: geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecurityAdmin.idl
URL: http://svn.apache.org/viewcvs/geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecurityAdmin.idl?rev=373216&r1=373215&r2=373216&view=diff
==============================================================================
--- geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecurityAdmin.idl (original)
+++ geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecurityAdmin.idl Sat Jan 28 11:04:11 2006
@@ -1,127 +0,0 @@
-#ifndef _SECURITY_ADMIN_IDL
-#define _SECURITY_ADMIN_IDL
-
-#pragma prefix "omg.org"
-#include <SecurityLevel2.idl>
-
-module SecurityAdmin 
-{
-
-    // interface AccessPolicy
-    interface AccessPolicy : CORBA::Policy 
-    {
-
-	Security::RightsList get_effective_rights (
-		     in      Security::AttributeList            attrib_list,
-		     in Security::ExtensibleFamily  rights_family
-		     );
-
-	Security::RightsList get_all_effective_rights( 
-		     in     Security::AttributeList            attrib_list 
-		     ); 
-    };
-
-    // interface DomainAccessPolicy
-    interface DomainAccessPolicy : AccessPolicy 
-    {
-
-	void grant_rights(
-			  in Security::SecAttribute                  priv_attr,
-			  in Security::DelegationState               del_state,
-			  in Security::RightsList                    rights
-			  );
-
-	void revoke_rights(
-                           in Security::SecAttribute                  priv_attr,
-                           in Security::DelegationState               del_state,
-                           in Security::RightsList                    rights
-			   );
-
-	void replace_rights (
-			     in Security::SecAttribute                  priv_attr,
-			     in Security::DelegationState               del_state,
-			     in Security::RightsList                    rights
-			     );
-
-	Security::RightsList get_rights (
-			   in Security::SecAttribute                  priv_attr,
-			   in Security::DelegationState               del_state,
-			   in Security::ExtensibleFamily  rights_family
-			   );
-
-	Security::RightsList get_all_rights( 
-			   in     Security::SecAttribute                                   priv_attr, 
-			   in     Security::DelegationState                                del_state 
-			   ); 
-    };
-
-    // interface AuditPolicy
-    interface AuditPolicy : CORBA::Policy 
-    {
-
-	void set_audit_selectors (
-                    in      CORBA::RepositoryId                                      object_type,
-		    in      Security::AuditEventTypeList                             events,
-		    in      Security::SelectorValueList                              selectors,
-		    in Security::AuditCombinator  audit_combinator 
-		    );
-
-	void clear_audit_selectors (
-		    in      CORBA::RepositoryId                                      object_type,
-		    in      Security::AuditEventTypeList                             events 
-		    );
-
-	void replace_audit_selectors (
-		in      CORBA::RepositoryId                                     object_type,
-		in      Security::AuditEventTypeList                             events,
-		in      Security::SelectorValueList                              selectors,
-		in Security::AuditCombinator  audit_combinator 
-		); 
-
-	void get_audit_selectors (
-		   in      CORBA::RepositoryId                                      object_type,
-		   in      Security::AuditEventType event_type,
-		   out     Security::SelectorValueList                              selectors,
-		   out Security::AuditCombinator                                    audit_combinator 
-		   ); 
-
-	void set_audit_channel (
-		in      Security::AuditChannelId                                 audit_channel_id
-		);
-    };
-
-    // interface SecureInvocationPolicy
-    
-    interface SecureInvocationPolicy : CORBA::Policy 
-    {
-
-	void set_association_options(
-		in CORBA::InterfaceDef                                           object_type,
-		in Security::RequiresSupports                                    requires_supports,
-		in Security::CommunicationDirection  direction,
-		in Security::AssociationOptions                                  options 
-		);
-
-	Security::AssociationOptions get_association_options(
-		in CORBA::InterfaceDef                           object_type,
-		in Security::RequiresSupports                    requires_supports,
-		in Security::CommunicationDirection direction
-		); 
-    };
-
-    // interface DelegationPolicy
-    interface DelegationPolicy : CORBA::Policy 
-    {
-
-	void set_delegation_mode(
-		in CORBA::InterfaceDef                           object_type,
-		in Security::DelegationMode                      mode
-		);
-
-	Security::DelegationMode get_delegation_mode(
-		in CORBA::InterfaceDef                           object_type
-		);
-    };
-};
-
-#endif /* _SECURITY_ADMIN_IDL_ */

Modified: geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecurityLevel1.idl
URL: http://svn.apache.org/viewcvs/geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecurityLevel1.idl?rev=373216&r1=373215&r2=373216&view=diff
==============================================================================
--- geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecurityLevel1.idl (original)
+++ geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecurityLevel1.idl Sat Jan 28 11:04:11 2006
@@ -1,21 +0,0 @@
-// $Id: SecurityLevel1.idl,v 1.2 2001/09/22 14:51:13 jso Exp $
-
-#ifndef _SECURITY_LEVEL_1_IDL
-#define _SECURITY_LEVEL_1_IDL
-
-#pragma prefix "omg.org"
-
-#include <Security.idl>
-
-module SecurityLevel1 
-{		
-    interface Current : CORBA::Current 
-    {	
-	// Locality Constrained
-	// thread specific operations
-
-      Security::AttributeList get_attributes (in Security::AttributeTypeList attributes );
-    };
-	
-};
-#endif /* _SECURITY_LEVEL_1_IDL */

Modified: geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecurityLevel2.idl
URL: http://svn.apache.org/viewcvs/geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecurityLevel2.idl?rev=373216&r1=373215&r2=373216&view=diff
==============================================================================
--- geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecurityLevel2.idl (original)
+++ geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecurityLevel2.idl Sat Jan 28 11:04:11 2006
@@ -1,237 +0,0 @@
-// $Id: SecurityLevel2.idl,v 1.2 2001/09/22 14:51:13 jso Exp $
-
-#ifndef _SECURITY_LEVEL_2_IDL
-#define _SECURITY_LEVEL_2_IDL
-
-#pragma prefix "omg.org"
-#include <SecurityLevel1.idl>
-
-module SecurityLevel2 
-{
-    // Forward declaration of interfaces
-    interface PrincipalAuthenticator;
-    interface Credentials;
-    interface Current;
-
-
-    interface PrincipalAuthenticator 
-    {
-	Security::AuthenticationMethodList get_supported_authen_methods(
-                in     Security::MechanismType                   mechanism
-		);
-
-	Security::AuthenticationStatus authenticate (
-		in Security::AuthenticationMethod method,
-		in Security::MechanismType        mechanism,
-		in Security::SecurityName         security_name,
-		in Security::Opaque               auth_data,
-		in Security::AttributeList        privileges,
-		out Credentials                   creds,
-		out Security::Opaque              continuation_data,
-		out Security::Opaque              auth_specific_data
-		);
-	
-	Security::AuthenticationStatus continue_authentication (
-		in    Security::Opaque            response_data,
-		in    Credentials                 creds,
-		out  Security::Opaque             continuation_data,
-		out  Security::Opaque             auth_specific_data
-		);
-    };
-    
-
-    interface Credentials 
-    {
-
-	Credentials copy ();
-
-	void destroy();
-
-	readonly attribute Security::InvocationCredentialsType credentials_type;
-	readonly attribute Security::AuthenticationStatus authentication_state;
-	readonly attribute Security::MechanismType mechanism;
-
-	attribute Security::AssociationOptions accepting_options_supported;
-	attribute Security::AssociationOptions accepting_options_required;
-	attribute Security::AssociationOptions invocation_options_supported;
-	attribute Security::AssociationOptions invocation_options_required;
-
-	boolean get_security_feature(
-		in    Security::CommunicationDirection           direction,
-		in    Security::SecurityFeature                  feature
-		);
-
-	boolean set_privileges (
-		in      boolean                                force_commit,
-		in      Security::AttributeList                requested_privileges,
-		out     Security::AttributeList                actual_privileges
-		);
-
-	Security::AttributeList get_attributes (in Security::AttributeTypeList attributes);
-
-	boolean is_valid (
-                out     Security::UtcT                         expiry_time
-		);
-
-	boolean refresh(
-		in      Security::Opaque                               refresh_data
-		);
-    };
-
-    typedef sequence <Credentials>                          CredentialsList;
-
-    interface ReceivedCredentials : Credentials 
-    {
-	readonly attribute Credentials  accepting_credentials;
-	readonly attribute Security::AssociationOptions association_options_used;
-	readonly attribute Security::DelegationState  delegation_state;
-	readonly attribute Security::DelegationMode delegation_mode;
-    };
-
-    // RequiredRights Interface
-
-    interface RequiredRights
-    {
-	void get_required_rights(
-		in Object                                      obj,
-		in CORBA::Identifier                           operation_name,
-		in CORBA::RepositoryId                         interface_name,
-		out Security::RightsList                       rights,
-		out Security::RightsCombinator rights_combinator
-		);
-
-	    void set_required_rights(
-		in CORBA::Identifier                     operation_name,
-		in     CORBA::RepositoryId               interface_name,
-		in Security::RightsList                  rights,
-		in Security::RightsCombinator            rights_combinator
-		);
-    };
-
-    // interface audit channel
-    interface AuditChannel 
-    {
-	void audit_write (
-		in     Security::AuditEventType                               event_type,
-		in     CredentialsList                                        creds,  
-		in     Security::UtcT                                         time,
-		in     Security::SelectorValueList                            descriptors,
-		in     Security::Opaque                                       event_specific_data
-		);
-	
-	readonly attribute Security::AuditChannelId  audit_channel_id;
-    };
-
-    // interface for Audit Decision 
-
-    interface AuditDecision 
-    {
-	boolean audit_needed (
-		in Security::AuditEventType                                   event_type,
-		in Security::SelectorValueList                                value_list
-		);
-
-	readonly attribute AuditChannel audit_channel;
-    };
-
-    interface AccessDecision 
-    {
-	boolean access_allowed (
-		in     SecurityLevel2::CredentialsList cred_list,
-		in     Object                          target,
-		in     CORBA::Identifier               operation_name,
-		in     CORBA::Identifier               target_interface_name
-		);
-    };
-
-    // Policy interfaces to control bindings
-
-    interface QOPPolicy : CORBA::Policy 
-    {
-	readonly attribute Security::QOP                 qop;
-    };
-
-
-    interface MechanismPolicy : CORBA::Policy 
-    {
-	readonly attribute Security::MechanismTypeList mechanisms;
-    };
-
-    interface InvocationCredentialsPolicy : CORBA::Policy 
-    {
-	readonly attribute CredentialsList                          creds;
-    };
-
-    interface EstablishTrustPolicy : CORBA::Policy 
-    {
-	readonly attribute Security::EstablishTrust                 trust;
-    };
-
-    interface DelegationDirectivePolicy : CORBA::Policy 
-    { 
-	readonly attribute Security::DelegationDirective  delegation_directive;
-    };
-
-    enum DelegationMode { Delegate, NoDelegate };
-
-
-    // Interface Current derived from SecurityLevel1::Current  providing 
-    // additional operations on Current at this security level. 
-    // This is implemented by the ORB
-
-    interface Current : SecurityLevel1::Current 
-    {
-	// Thread specific
-
-	readonly attribute ReceivedCredentials received_credentials;
-
-	void set_credentials (
-		 in      Security::CredentialType cred_type,
-		 in      CredentialsList                     creds,
-		 in      DelegationMode                      del
-		 );
-
-	CredentialsList get_credentials (
-       		 in      Security::CredentialType cred_type
-		 );
-
-	CORBA::Policy get_policy (
-	      	 in      CORBA::PolicyType                   policy_type
-		 );
-
-	void remove_own_credentials(
-      	         in      Credentials                         credentials
-		 );
-
-	    // Process/Capsule/ORB Instance specific operations
-
-	readonly attribute Security::MechandOptionsList              supported_mechanisms;
-	readonly attribute CredentialsList                 own_credentials;
-	readonly attribute RequiredRights                  required_rights_object;
-	readonly attribute PrincipalAuthenticator          principal_authenticator;
-	readonly attribute AccessDecision                  access_decision;
-	readonly attribute AuditDecision                   audit_decision;
-
-	// Security mechanism data for a given target
-	Security::SecurityMechanismDataList get_security_mechanisms (
-		in    Object                                 obj_ref
-		);
-
-	// Factory operations for local policies controlling bindings
-	QOPPolicy create_qop_policy(
-	        in    Security::QOP                          qop
-		);
-
-	MechanismPolicy create_mechanism_policy(
-	      	in    Security::MechanismTypeList                               mechanisms
-		);
-
-	InvocationCredentialsPolicy create_invoc_creds_policy(
-		in    CredentialsList                        creds
-		);
-    };
-};
-
-
-
-#endif /* _SECURITY_LEVEL_2_IDL */

Modified: geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecurityReplaceable.idl
URL: http://svn.apache.org/viewcvs/geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecurityReplaceable.idl?rev=373216&r1=373215&r2=373216&view=diff
==============================================================================
--- geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecurityReplaceable.idl (original)
+++ geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SecurityReplaceable.idl Sat Jan 28 11:04:11 2006
@@ -1,143 +0,0 @@
-// taken from OMG Security Service Spec. V 1.5
-
-#ifndef _SECURITY_REPLACEABLE_IDL
-#define _SECURITY_REPLACEABLE_IDL
-
-#pragma prefix "omg.org"
-
-#include <SecurityLevel2.idl>
-
-module SecurityReplaceable 
-{
-
-    interface SecurityContext;
-    interface ClientSecurityContext;
-    interface ServerSecurityContext;
-
-    interface Vault 
-    {                            
-	    // Locality Constrained
-
-	Security::AuthenticationMethodList get_supported_authen_methods(
-		in Security::MechanismType mechanism
-		);
-
-	Security::AuthenticationStatus acquire_credentials(
-		in       Security::AuthenticationMethod method,
-		in       Security::MechanismType                 mechanism,
-		in       Security::SecurityName security_name,
-		in       Security::Opaque auth_data,
-		in       Security::AttributeList                 privileges,
-		out      SecurityLevel2::Credentials creds,
-		out      Security::Opaque                        continuation_data,
-		out      Security::Opaque                        auth_specific_data
-		);
-
-	Security::AuthenticationStatus continue_credentials_acquisition(
-		in       Security::Opaque response_data,
-		in       SecurityLevel2::Credentials             creds,
-		out      Security::Opaque                        continuation_data,
-		out      Security::Opaque                        auth_specific_data
-		);
-
-	Security::AssociationStatus init_security_context (
-	        in  SecurityLevel2::Credentials   creds,
-		in Security::SecurityName         target_security_name,
-		in Object                         target,
-		in Security::DelegationMode       delegation_mode,
-		in Security::OptionsDirectionPairList association_options,
-		in Security::MechanismType        mechanism,
-		in     Security::Opaque           mech_data, //from IOR
-		in Security::Opaque               chan_binding,
-		out Security::OpaqueBuffer        security_token,
-		out ClientSecurityContext         security_context
-		);
-	
-	Security::AssociationStatus accept_security_context (
-		in SecurityLevel2::CredentialsList creds_list,
-		in Security::Opaque                chan_bindings,
-		in Security::OpaqueBuffer          in_token,
-		out Security::OpaqueBuffer         out_token,
-		out    ServerSecurityContext       security_context
-		);
-
-	Security::MechandOptionsList get_supported_mechs ();
-    };
-
-    interface SecurityContext 
-    {              // Locality Constrained
-
-	readonly attribute Security::SecurityContextType    context_type; 
-	readonly attribute Security::SecurityContextState   context_state; 
-	readonly attribute Security::MechanismType          mechanism; 
-	readonly attribute boolean                          supports_refresh; 
-	readonly attribute Security::Opaque                 chan_binding; 
-	readonly attribute SecurityLevel2::ReceivedCredentials received_credentials;
-
-	Security::AssociationStatus continue_security_context (
-		in     Security::OpaqueBuffer in_token,
-		out    Security::OpaqueBuffer out_token
-		);
-
-
-	void protect_message (
-		in      Security::OpaqueBuffer message,
-		in      Security::QOP                       qop,
-		out     Security::OpaqueBuffer              text_buffer,
-		out     Security::OpaqueBuffer              token
-		);
-
-	boolean reclaim_message (
-		in      Security::OpaqueBuffer text_buffer,
-		in      Security::OpaqueBuffer token,
-		out     Security::QOP                       qop,
-		out     Security::OpaqueBuffer message
-		);
-
-	boolean is_valid (out Security::UtcT  expiry_time );
-
-	boolean refresh_security_context (
-		in      Security::Opaque refresh_data,
-		out     Security::OpaqueBuffer out_token
-		);
-
-	boolean process_refresh_token (
-		in      Security::OpaqueBuffer refresh_token
-		);
-
-	boolean discard_security_context (
-       	        in      Security::Opaque discard_data,
-		out     Security::OpaqueBuffer out_token
-		);
-
-	boolean process_discard_token (
-		in      Security::OpaqueBuffer discard_token
-		);
-    };
-
-
-    interface ClientSecurityContext : SecurityContext 
-    {
-	// Locality Constrained
-	readonly attribute Security::AssociationOptions  association_options_used; 
-	readonly attribute Security::DelegationMode      delegation_mode; 
-	readonly attribute Security::Opaque              mech_data; 
-	readonly attribute SecurityLevel2::Credentials         client_credentials; 
-	readonly attribute Security::AssociationOptions  server_options_supported; 
-	readonly attribute Security::Opaque server_security_name;
-    };
-
-    interface ServerSecurityContext : SecurityContext 
-    {
-	// Locality Constrained
-	readonly attribute Security::AssociationOptions
-	    association_options_used; 
-	readonly attribute Security::DelegationMode
-	    delegation_mode; 
-	readonly attribute SecurityLevel2::Credentials server_credentials; 
-	readonly attribute Security::AssociationOptions  server_options_supported; 
-	readonly attribute Security::Opaque server_security_name;
-    };
-};
-
-#endif /* _SECURITY_REPLACEABLE_IDL_ */

Modified: geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SendingContext.idl
URL: http://svn.apache.org/viewcvs/geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SendingContext.idl?rev=373216&r1=373215&r2=373216&view=diff
==============================================================================
--- geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SendingContext.idl (original)
+++ geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/SendingContext.idl Sat Jan 28 11:04:11 2006
@@ -1,41 +0,0 @@
-
-#ifndef SendingContext_IDL
-#define SendingContext_IDL
-
-#include <Corba.idl>
-
-#pragma prefix "omg.org"
-
-module CORBA {
-  //
-  // The abstract type for runtime representations
-  //
-  interface RunTime {};
-
-  //
-  // The specific code base for implementation repository access
-  //
-  interface CodeBase : RunTime {
-
-    typedef sequence<CORBA::ValueDef::FullValueDescription> ValueDescSeq;
-    typedef string URL;
-    typedef sequence<URL> URLSeq;
-    
-    //
-    // acces to implementation repository (Java code base)
-    //
-    URL implementation (in string id);
-    URLSeq implementations (in CORBA::StringSeq ids);
-    
-    //
-    // access to interface repository
-    //
-    CORBA::StringSeq bases (in string id);
-    CORBA::Repository get_ir ();
-    CORBA::ValueDef::FullValueDescription meta (in string id);
-    ValueDescSeq metas (in string id);
-  };
-
-};
-
-#endif

Modified: geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/TimeBase.idl
URL: http://svn.apache.org/viewcvs/geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/TimeBase.idl?rev=373216&r1=373215&r2=373216&view=diff
==============================================================================
--- geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/TimeBase.idl (original)
+++ geronimo/specs/trunk/geronimo-spec-corba-2.3/src/main/idl/TimeBase.idl Sat Jan 28 11:04:11 2006
@@ -1,39 +1,40 @@
-// $Id: TimeBase.idl,v 1.2 2001/09/22 14:51:13 jso Exp $
+//File: TimeBase.idl
+//Part of the Time Service
+// Note: if your IDL compiler does not yet support the 
+//   "long long" data type, compile this module with the 
+//   preprocessor definition "NOLONGLONG". With many 
+//   compilers this would be done with a qualifier on 
+//   the command line, something like -DNOLONGLONG
 
-#ifndef _TIME_BASE_IDL
-#define _TIME_BASE_IDL
+#ifndef _TIME_BASE_IDL_
+#define _TIME_BASE_IDL_
 #pragma prefix "omg.org"
 
-#include <orb.idl>
+module TimeBase {
 
-module TimeBase 
-{
-		
 #ifdef NOLONGLONG
-    struct ulonglong {
-	unsigned long low;
-	unsigned long high;
-    };
-    typedef ulonglong TimeT;
+	struct ulonglong{
+		unsigned long 		low;
+		unsigned long		high;
+	};
+	typedef ulonglong 		TimeT;
 #else
-    typedef unsigned long long TimeT;
+	typedef unsigned long long	TimeT;
 #endif
-		
-    typedef TimeT              InaccuracyT;
-    typedef short              TdfT;
-		
-    struct UtcT {
-	TimeT            time;    // 8 octets
-	unsigned long    inacclo; // 4 octets
-	unsigned short   inacchi; // 4 octets
-	TdfT             tdf;     // 2 octets
-	// total 16 octets
-    };
-		
-    struct IntervalT {
-	TimeT            lower_bound;
-	TimeT            upper_bound;
-    };
+	
+	typedef TimeT 			InaccuracyT;
+	typedef short 			TdfT;
+	struct UtcT {
+		TimeT			time;		// 8 octets
+		unsigned long	inacclo;	// 4 octets
+		unsigned short	inacchi;	// 2 octets
+		TdfT			tdf;		// 2 octets 
+									// total 16 octets.
+	};
 
+	struct IntervalT {
+		TimeT			lower_bound;
+		TimeT			upper_bound;
+	};
 };
-#endif /* _TIME_BASE_IDL */
+#endif /* ifndef _TIME_BASE_IDL_ */
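Review bot: The new header note at the top of this hunk recommends compiling with `NOLONGLONG` but does not warn that the fallback changes the shape of `TimeT` on the wire. With the flag set, `TimeT` becomes `struct ulonglong { low; high }`, which as far as I can tell is marshalled low word first with 4-octet alignment, whereas `unsigned long long` is one 8-octet-aligned value in the sender's byte order. Peers built with different settings could then misread `UtcT.time` when the sender is big-endian or the field is not already 8-aligned. The `Security::UtcT` that `is_valid` returns as `expiry_time` in SecurityReplaceable.idl presumably aliases this struct, so a misread value could skew context-expiry checks. I would add a comment above `#ifdef NOLONGLONG`, for example `// NOLONGLONG changes the CDR layout of TimeT; every communicating peer must be compiled with the same setting.`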


