This example demonstrates the use of the policy server framework.
The example shows you how a server checks messages from a client against a security policy. It also shows you how to deal with the result of a security check.
The following sections provide more information about this example application:
Click on the following link to download the example: SecureServer.zip
Click: browse to view the example code.
The server contains a simple counter. It can change the value of the counter. It can also write the value of the counter to a file. The server offers the following services to a client:
Increase the value of the counter by any number greater than 1.
Decrease the value of the counter by any number greater than 1.
Increase the value of the counter by 1.
Decrease the value of the counter by 1.
Reset the counter to its default value.
Reset the counter to the value in the file counter.dat.
Save the counter value in the file counter.dat.
Send the current value of the counter to a client.
Create, initialise and close a subsession.
Send the current number of open subsessions to a client.
The client sends a message to the server to request one of these services. The server checks each request against its security policy. If the request fails the security check, the request is rejected.
The security policy has the following rules:
If a client asks the server to increase the counter value by more than 10, the client ‘s SID value must be less than or equal to 0x70fffff5.
If a client asks the server to decrease the counter value by more than 10, the client ‘s SID value must be less than or equal to 0x70fffff5.
If a client asks the server for the number of open subsessions, the client’s SID value must be 0x70fffff0.
If a client asks the server to save the counter value to the file counter.dat, the client must have both ReadDeviceData and WriteDeviceData capabilities.
If a client asks the server to reset the counter value from the file counter.dat, the client must have both ReadDeviceData and WriteDeviceData capabilities.
The example application shows how you to code security policies. It also shows you the constants and classes that you must define to use the policy server framework.
Copyright ©2010 Nokia Corporation and/or its subsidiary(-ies).
All rights
reserved. Unless otherwise stated, these materials are provided under the terms of the Eclipse Public License
v1.0.