Re: Java GSS-API bindings

>> As suggested by John Linn, I am inquiring within this group
>> about the level of interest in pursuing Java GSS-API bindings.
>> We here at Sun are in the process of preparing a draft of the
>> Java bindings for submission to the working group.
>>
>> Currently, I am in discussion with Michael Smith who has expressed
>> interest in this topic. If anyone else is interested please voice
>> your interest to the group.
>>
>>
>> Thank you,
>>
>> Jack Kabat
>
>We did some work designing an OO GSSAPI binding for Python in November last
>year. I would imagine that some of the OO ideas would be useful from that
>work. Our approach was through necessity in securing a project written in
>Python. We used SWIG to wrap the functions and then added an OO layer. This
>allowed us to use an existing mechanism for the security but gave a neat OO
>feel from the application. The bindings can be seen at:
>
>http://www.dstc.qut.edu.au/MSU/projects/gss-api/V2Python.bindings
>
>I should probably redo the format. Email me if you want some explanation of
>anything and we would be happy to contribute in some way if needed.
>
>Simon Gibson

The CORBA security service was specifically designed to encapsulate GSS-API and
is in a sense a somewhat more abstract binding for GSS-API.  I'm including some
snippets of the CORBA security interfaces for authentication, credential
acquisition, and context establishment here for your edification and delight :-)
All of the syntax here is CORBA IDL; this could easily be used as the basis for
a java implementation.

=========== type definitions ============

// Types used below but defined elsewhere in the Security module and not
// repeated in this snippet: SecAttribute, SecurityName (a string),
// Opaque (a sequence<octet>), UtcT (from TimeBase), Credentials.

typedef sequence<SecAttribute> AttributeList;

// Security mech types supported for secure association
const CORBA::ServiceDetailType SecurityMechanismType = 1;

// security association mechanism type
typedef string MechanismType;
struct SecurityMechandName {
    MechanismType   mech_type;
    SecurityName    security_name;
};

// Authentication return status
enum AuthenticationStatus {
    SecAuthSuccess,
    SecAuthFailure,
    SecAuthContinue,    // caller must call continue_authentication
    SecAuthExpired
};

// Association return status
enum AssociationStatus {
    SecAssocSuccess,
    SecAssocFailure,
    SecAssocContinue    // another token exchange is needed
};

// Authentication method
typedef unsigned long AuthenticationMethod;

// Security features available on credentials.
enum SecurityFeature {
    SecNoDelegation,
    SecSimpleDelegation,
    SecCompositeDelegation,
    SecNoProtection,
    SecIntegrity,
    SecConfidentiality,
    SecIntegrityAndConfidentiality,
    SecDetectReplay,
    SecDetectMisordering,
    SecEstablishTrustInTarget
};

// Security feature-value
struct SecurityFeatureValue {
    SecurityFeature     feature;
    boolean             value;
};

typedef sequence<SecurityFeatureValue> SecurityFeatureValueList;

// Quality of protection which can be specified
// for an object reference and used to protect messages
enum QOP {
    SecQOPNoProtection,
    SecQOPIntegrity,
    SecQOPConfidentiality,
    SecQOPIntegrityAndConfidentiality
};

// Association options which can be administered
// on secure invocation policy and used to
// initialize security context (bit mask; combine with |)
typedef unsigned short AssociationOptions;
const AssociationOptions    NoProtection            = 1;
const AssociationOptions    Integrity               = 2;
const AssociationOptions    Confidentiality         = 4;
const AssociationOptions    DetectReplay            = 8;
const AssociationOptions    DetectMisordering       = 16;
const AssociationOptions    EstablishTrustInTarget  = 32;
const AssociationOptions    EstablishTrustInClient  = 64;

// Flag to indicate whether association options being
// administered are the "required" or "supported" set
enum RequiresSupports {
    SecRequires,
    SecSupports
};

// Direction of communication for which
// secure invocation policy applies
enum CommunicationDirection {
    SecDirectionBoth,
    SecDirectionRequest,
    SecDirectionReply
};

// AssociationOptions-Direction pair
struct OptionsDirectionPair {
    AssociationOptions      options;
    CommunicationDirection  direction;
};

typedef sequence<OptionsDirectionPair> OptionsDirectionPairList;

// Delegation mode which can be administered
enum DelegationMode {
    SecDelModeNoDelegation,         // i.e. use own credentials
    SecDelModeSimpleDelegation,     // delegate received credentials
    SecDelModeCompositeDelegation   // delegate both
};

// Association options supported by a given mech type
struct MechandOptions {
    MechanismType       mechanism_type;
    AssociationOptions  options_supported;
};
typedef sequence<MechandOptions> MechandOptionsList;

========== principal authentication interface (authenticates and acquires a credential) =============

// Interface PrincipalAuthenticator

interface PrincipalAuthenticator { // Locality Constrained

    // Returns SecAuthSuccess with creds filled in, or SecAuthContinue with
    // continuation_data that the caller must answer via continue_authentication.
    Security::AuthenticationStatus authenticate (
        in  Security::AuthenticationMethod  method,
        in  Security::SecurityName          security_name,
        in  Security::Opaque                auth_data,
        in  Security::AttributeList         privileges,
        out Credentials                     creds,
        out Security::Opaque                continuation_data,
        out Security::Opaque                auth_specific_data
    );

    // Repeated while the status is SecAuthContinue.
    Security::AuthenticationStatus continue_authentication (
        in  Security::Opaque                response_data,
        in  Credentials                     creds,
        out Security::Opaque                continuation_data,
        out Security::Opaque                auth_specific_data
    );

};

interface SecurityContext; //forward declaration

=========== Vault interface (equivalent to gss-init and gss-accept) ============

interface Vault { // Locality Constrained

    // Initiator side (cf. gss_init_sec_context): produces the first token and
    // the SecurityContext on which any further legs are continued.
    Security::AssociationStatus init_security_context (
        in  SecurityLevel2::CredentialsList     creds_list,
        in  Security::SecurityName              target_security_name,
        in  Object                              target,
        in  Security::DelegationMode            delegation_mode,
        in  Security::OptionsDirectionPairList  association_options,
        in  Security::MechanismType             mechanism,
        in  Security::Opaque                    mech_data,      // from IOR
        in  Security::Opaque                    chan_binding,
        out Security::Opaque                    security_token,
        out SecurityContext                     security_context
    );

    // Target side (cf. gss_accept_sec_context).
    Security::AssociationStatus accept_security_context (
        in  SecurityLevel2::CredentialsList     creds_list,
        in  Security::Opaque                    chan_bindings,
        in  Security::Opaque                    in_token,
        out Security::Opaque                    out_token
    );

    Security::MechandOptionsList get_supported_mechs ();
};

=========== Security Context interface (supports functionality of gss-sign and gss-seal) ============

interface SecurityContext { // Locality Constrained

    readonly attribute SecurityLevel2::CredentialsList      received_credentials;
    readonly attribute Security::SecurityFeatureValueList   security_features;

    // Further establishment legs while the status is SecAssocContinue.
    Security::AssociationStatus continue_security_context (
        in  Security::Opaque    in_token,
        out Security::Opaque    out_token
    );

    // cf. gss_sign / gss_seal: text_buffer is the (possibly sealed) message,
    // token carries what the receiver needs to verify and reclaim it.
    void protect_message (
        in  Security::Opaque    message,
        in  Security::QOP       qop,
        out Security::Opaque    text_buffer,
        out Security::Opaque    token
    );

    // cf. gss_verify / gss_unseal; the boolean reports whether the
    // message was reclaimed successfully.
    boolean reclaim_message (
        in  Security::Opaque    text_buffer,
        in  Security::Opaque    token,
        out Security::QOP       qop,
        out Security::Opaque    message
    );

    boolean is_valid (
        out Security::UtcT      expiry_time
    );

    boolean refresh ();

};

=======================

--bob

Bob Blakley
IBM Lead Security Architect
Voice: +1 (512) 838-8133
Fax:    +1 (512) 838-0156
Post:    11400 Burnet Road, Mail Stop 9134, Austin, TX 78758 USA
Internet: blakley at us.ibm.com
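Added illustration, not part of Bob's message and not code from the CORBA Security Service or any GSS-API implementation: a Python 3 (standard library only) simulation of the flow the IDL above describes, i.e. Vault.init_security_context / accept_security_context followed by SecurityContext.continue_security_context while the status is SecAssocContinue, then protect_message / reclaim_message honouring the negotiated AssociationOptions. The enum and option names mirror the IDL; everything else is assumed for the example: a constructed three-leg pre-shared-key handshake stands in for a real GSS mechanism such as Kerberos, creds_list is reduced to that key, accept_security_context returns a SecurityContext (the quoted IDL gives it no such out parameter), and the HMAC-based MAC, keystream and sequence-number policy are the example's own.

```python
"""Added illustration of the CORBA Security Level 2 flow quoted above: the
Vault.init/accept -> SecurityContext.continue_security_context token loop
(gss_init/gss_accept) and protect/reclaim_message (gss_sign/gss_seal) under
the negotiated AssociationOptions.  The 3-leg pre-shared-key handshake and
HMAC-based protection are a constructed stand-in for a real GSS mechanism
such as Kerberos; none of this is CORBA or GSS-API implementation code."""
import hmac, hashlib, os, struct
from enum import Enum, IntFlag

class AssociationStatus(Enum):  # Security::AssociationStatus
    SecAssocSuccess, SecAssocFailure, SecAssocContinue = 0, 1, 2

class QOP(IntFlag):  # Security::QOP, encoded as Integrity=1 | Confidentiality=2
    SecQOPNoProtection, SecQOPIntegrity, SecQOPConfidentiality = 0, 1, 2
    SecQOPIntegrityAndConfidentiality = 3

class AssociationOptions(IntFlag):  # the Security::AssociationOptions constants
    NoProtection, Integrity, Confidentiality, DetectReplay = 1, 2, 4, 8
    DetectMisordering, EstablishTrustInTarget, EstablishTrustInClient = 16, 32, 64

def _prf(key, label, *parts):
    """HMAC-SHA256 over length-prefixed parts; doubles as KDF, MAC and keystream."""
    h = hmac.new(key, label, hashlib.sha256)
    for p in parts:
        h.update(struct.pack(">I", len(p)) + p)
    return h.digest()

class SecurityContext:
    """Mirrors SecurityLevel2::SecurityContext for the constructed mechanism."""
    HDR = struct.Struct(">cQB")  # per-message token header: direction, seq, QOP

    def __init__(self, psk, options, initiator):
        self.psk, self.options, self.initiator = psk, options, initiator
        self.my_nonce, self.peer_nonce, self.key = os.urandom(16), None, None
        self.send_seq, self.expect, self.seen = 0, 0, set()

    def _derive(self):  # session key bound to both nonces; sorted so both ends agree
        self.key = _prf(self.psk, b"session", *sorted([self.my_nonce, self.peer_nonce]))

    def continue_security_context(self, in_token):
        """Returns (AssociationStatus, out_token) like the IDL operation."""
        if self.initiator:  # leg 2 in: target's MAC over both nonces (EstablishTrustInTarget)
            self.peer_nonce, mac = in_token[:16], in_token[16:]
            if not hmac.compare_digest(mac, _prf(self.psk, b"target", self.my_nonce, self.peer_nonce)):
                return AssociationStatus.SecAssocFailure, b""
            self._derive()  # leg 3 out: client's proof of the PSK (EstablishTrustInClient)
            return AssociationStatus.SecAssocSuccess, _prf(self.psk, b"client", self.peer_nonce, self.my_nonce)
        if not hmac.compare_digest(in_token, _prf(self.psk, b"client", self.my_nonce, self.peer_nonce)):
            return AssociationStatus.SecAssocFailure, b""
        self._derive()
        return AssociationStatus.SecAssocSuccess, b""  # leg 3 in; nothing left to send

    def _xor(self, data, hdr):  # toy confidentiality: HMAC in counter mode, keyed per header
        ks = b"".join(_prf(self.key, b"enc", hdr, struct.pack(">I", c)) for c in range(len(data) // 32 + 1))
        return bytes(x ^ y for x, y in zip(data, ks))

    def protect_message(self, message, qop):
        """Returns (text_buffer, token); token = header, plus a MAC when integrity is requested."""
        hdr = self.HDR.pack(b"I" if self.initiator else b"A", self.send_seq, int(qop))
        self.send_seq += 1
        text = self._xor(message, hdr) if qop & QOP.SecQOPConfidentiality else message
        mac = _prf(self.key, b"mac", hdr, text) if qop & QOP.SecQOPIntegrity else b""
        return text, hdr + mac

    def reclaim_message(self, text_buffer, token):
        """Returns (ok, qop, message); ok is False on reflection, bad MAC, misordering or replay."""
        hdr, mac = token[:self.HDR.size], token[self.HDR.size:]
        direction, seq, qop = self.HDR.unpack(hdr)
        qop = QOP(qop)
        if direction == (b"I" if self.initiator else b"A"):  # our own token reflected back
            return False, qop, b""
        if qop & QOP.SecQOPIntegrity and not hmac.compare_digest(mac, _prf(self.key, b"mac", hdr, text_buffer)):
            return False, qop, b""
        if (AssociationOptions.DetectMisordering in self.options and seq != self.expect) or \
           (AssociationOptions.DetectReplay in self.options and seq in self.seen):
            return False, qop, b""
        self.seen.add(seq)
        self.expect = max(self.expect, seq + 1)
        return True, qop, self._xor(text_buffer, hdr) if qop & QOP.SecQOPConfidentiality else text_buffer

class Vault:
    """Mirrors SecurityLevel2::Vault; creds_list is reduced to a pre-shared key."""
    def init_security_context(self, psk, options):
        ctx = SecurityContext(psk, options, initiator=True)
        return AssociationStatus.SecAssocContinue, ctx.my_nonce, ctx  # leg 1: client nonce

    def accept_security_context(self, psk, options, in_token):
        # Assumption: the quoted IDL gives accept no SecurityContext out-param; one is returned here.
        ctx = SecurityContext(psk, options, initiator=False)
        ctx.peer_nonce = in_token
        return AssociationStatus.SecAssocContinue, ctx.my_nonce + _prf(psk, b"target", in_token, ctx.my_nonce), ctx

def establish(psk, options, target_psk=None):
    """Runs the token loop on both ends; returns (legs, client_ctx, target_ctx) or raises."""
    vault = Vault()
    _, token, client = vault.init_security_context(psk, options)
    _, token, target = vault.accept_security_context(target_psk or psk, options, token)
    legs, side = 2, client
    while token:  # hand tokens across until neither end produces one
        status, token = side.continue_security_context(token)
        if status is AssociationStatus.SecAssocFailure:
            raise ValueError("association failed at leg %d" % (legs + 1))
        legs, side = legs + bool(token), target if side is client else client
    return legs, client, target
```

establish() is the generic loop an application would write against either the CORBA interfaces or GSS-API: keep passing the output token to the other side until a side returns success without a token. With both EstablishTrust options the constructed mechanism needs three legs; a mismatched key fails at leg 3. On the per-message side, reclaim_message rejects a replayed token, an out-of-order one when DetectMisordering was negotiated, a token reflected back to its own sender, and any change to text_buffer when integrity was requested. The HMAC keystream and the unbounded seen-set are illustrative only; a real mechanism uses a proper cipher and a sliding replay window.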
==========================================================================
This message was posted through the Stanford campus mailing list
server.  If you wish to unsubscribe from this mailing list, send the
message body of "unsubscribe ietf-cat-wg" to majordomo at lists.stanford.edu


Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.
