CoreModule which takes care of system security and auditing.
#include <H:/WOSH/win32_vc2010/src/core/SecurityManager.h>
Public Member Functions

| Return | Member | Description |
|---|---|---|
| virtual | ~SecurityManager () | Destructor. The events dataset is destroyed. |

Message Events (incoming message)

| Return | Member | Description |
|---|---|---|
| void | busMessage (const Message &message, const Bus *source) | Method raised by the Bus when it processes a new message. Implementations will probably analyze the message and perform actions. |

Static Public Member Functions: public methods (bundles)

| Return | Member | Description |
|---|---|---|
| static WRESULT | isAuthorized (const std::string &wosh_username, const SecurityAuthenticationSecret *secret, SecurityAuthenticationProvider *provider, const Object *source) | |
| static WRESULT | isAuthenticated (const std::string &wosh_username, SecurityAuthenticationProvider *provider, const Object *source) | |
| static bool | isTrustedHost (const WoshHost *) | @todo how to do AUDITING (tracing which clients accessed which resources and how) |
| static WRESULT | validate (const WoshHost *source, const WoshHost *target, const NetworkChannel *channel) | |
| static WRESULT | validate (const Message *message, const NetworkChannel *channel) | |
| static WRESULT | validate (const Message *message, const Bus *source, const Bus *target) | |
| static bool | compareMask (short mask_pattern, short operation) | |
| static bool | evalAuthorization (const SecurityToken *security, const Permission *permissions, Permission::PERMISSION_TYPE operation) | |
| static WRESULT | validateToken (const SecurityToken *security) | |

Protected Member Functions

| Return | Member | Description |
|---|---|---|
| | SecurityManager (const WoshKernel *parent=NULL) | Default constructor. Calls the base constructor and initializes some properties and hosted methods. |
| WRESULT | onKernelInitializing () | Calls the base class implementation and creates the Security Bus (wosh.Bus.Security). |

IPropertiesProviderListener interface

| Return | Member | Description |
|---|---|---|
| bool | updatingProperty (bool &do_update, const Variant &value_proposed, Property &property_current, const PropertiesProvider *source) | |

Private Attributes

| Type | Member | Description |
|---|---|---|
| BusConnector | BusSecurity | Security Bus, network-shared, created by this module on kernel init. |
| tMessageList | eventsLog | Cache of the last events (Message.Fact) monitored on the Security bus. |
| long | eventLogMaxSize | Size of the event-log cache. 0 disables logging. |
| bool | eventLogLocallyOnly | When enabled (default), only local events are kept. |

Friends

| | Member | Description |
|---|---|---|
| class | wosh::WoshKernel | |

Internal Methods and Events management

| Return | Member | Description |
|---|---|---|
| static SecurityManager * | getInstance () | Access the SecurityManager singleton (Gamma pattern). The static reference is allocated and destroyed by WoshKernel in its constructor/destructor respectively. |
| void | logEvent (const Message &message) | Append a device event to the event-log cache. Reentrant. |
CoreModule which takes care of system security and auditing.

Auditing

SecurityAuditingEngine (implemented within wosh::security) monitors security events and may apply countermeasures.

Authorization

Idea: a component that acts as the trust authority and generates an encrypted SecurityToken carrying the identity information, so that a message arriving from a communicator already carries what is needed to decide which session to open and which credentials to inherit.

Objects have permissions, but are they tied to credentials? Do objects also hold a reference and credentials?

Excellent reference: http://msdn.microsoft.com/en-us/library/ms788756.aspx

Identity and access management (IAM) remains a challenge in distributed systems. Security tokens are used to prove one's identity electronically (as in the case of a customer trying to access their bank account). The token is used in addition to or in place of a password to prove that the customer is who they claim to be. The token acts like an electronic key to access something. Use brokered authentication with a security token (ref http://msdn.microsoft.com/en-us/library/aa480563.aspx). See also PAM (Pluggable Authentication Modules).
wosh::SecurityManager UML diagram
Definition at line 155 of file SecurityManager.h.
wosh::SecurityManager::SecurityManager ( const WoshKernel * parent = NULL ) [protected]

Default constructor. Calls the base constructor and initializes some properties and hosted methods.

| [in] | parent | WoshKernel singleton, passed to the WoshModule constructor |
Definition at line 68 of file SecurityManager.cpp.
References wosh::LOG_DEBUG.
wosh::SecurityManager::~SecurityManager ( ) [virtual]

Destructor. The events dataset is destroyed.
Definition at line 94 of file SecurityManager.cpp.
References wosh::LOG_DEBUG, and wosh::LOG_VERBOSE.
void wosh::SecurityManager::busMessage ( const Message & message, const Bus * source )

Method raised by the Bus when it processes a new message. Implementations will probably analyze the message and perform actions.

| [in] | message | the incoming message |
| [in] | source | the source Bus of the incoming message |
Reimplemented from wosh::WoshModule.
Definition at line 167 of file SecurityManager.cpp.
References BusCore, wosh::Message::getContent(), wosh::Message::getSourceBus(), wosh::Message::isEmpty(), wosh::MessageContent::isFact(), and wosh::MessageContent::isRequest().
bool wosh::SecurityManager::compareMask ( short mask_pattern, short operation ) [static]
Definition at line 228 of file SecurityManager.cpp.
SecurityManager * wosh::SecurityManager::getInstance ( ) [static, private]

Access the SecurityManager singleton (Gamma pattern). The static reference is allocated and destroyed by WoshKernel in its constructor/destructor respectively.
Definition at line 57 of file SecurityManager.cpp.
static bool wosh::SecurityManager::isTrustedHost ( const WoshHost * ) [inline, static]

@todo how to do AUDITING (tracing which clients accessed which resources and how)
Definition at line 195 of file SecurityManager.h.
void wosh::SecurityManager::logEvent ( const Message & message ) [private]

Append a device event to the event-log cache. Reentrant.
Definition at line 183 of file SecurityManager.cpp.
References wosh::ISerializable::clone(), and wosh::Message::getSource().
WRESULT wosh::SecurityManager::onKernelInitializing ( ) [protected, virtual]

Calls the base class implementation and creates the Security Bus (wosh.Bus.Security).
Reimplemented from wosh::WoshModule.
Definition at line 114 of file SecurityManager.cpp.
References wosh::LOG_CRITICAL, wosh::LOG_INFO, wosh::LOG_VERBOSE, wosh::Bus::setName(), and WRET_ERR_INTERNAL.
BusConnector wosh::SecurityManager::BusSecurity [private]

Security Bus, network-shared, created by this module on kernel init.

Definition at line 258 of file SecurityManager.h.

bool wosh::SecurityManager::eventLogLocallyOnly [private]

When enabled (default), only local events are kept.

Definition at line 274 of file SecurityManager.h.

long wosh::SecurityManager::eventLogMaxSize [private]

Size of the event-log cache. 0 disables logging.

Definition at line 273 of file SecurityManager.h.

tMessageList wosh::SecurityManager::eventsLog [private]

Cache of the last events (Message.Fact) monitored on the Security bus.

Definition at line 272 of file SecurityManager.h.