Week 28 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 1897, Bug 344, Bug 2681, Bug 463, Bug 1522.
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License
"Eclipse Public License v1.0" which accompanies this distribution,
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
Nokia Corporation - initial contribution.
Contributors:
-->
<!DOCTYPE concept
PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
<concept xml:lang="en" id="GUID-F15D2D1A-FA45-5665-9507-1EC7ECB301BF"><title>Policy Check Requests</title><shortdesc>This section describes how the client application requests are authorised by the User Prompt Service. </shortdesc><prolog><metadata><keywords/></metadata></prolog><conbody><p>The network user prompt service framework enables the developers to invoke the user prompt in two ways. </p> <ol id="GUID-0DF4FAA4-F875-5F0B-8362-AC5F06D83D69"><li id="GUID-C1B7DB0E-B4A0-583E-A93E-78F660AF1FA4"><p>Using a <xref href="GUID-BED8A733-2ED7-31AD-A911-C1F4707C67FD.dita"><apiname>TNoBearer</apiname></xref> request </p> </li> <li id="GUID-0997C833-2A08-5C69-B80E-5E4945AFA317"><p>Using <xref href="GUID-BED8A733-2ED7-31AD-A911-C1F4707C67FD.dita"><apiname>TPolicyCheckRequest</apiname></xref> </p> </li> </ol> <section><title>Piggy-back Request With TNoBearer</title> <p>The piggy back using <xref href="GUID-BED8A733-2ED7-31AD-A911-C1F4707C67FD.dita"><apiname>TNoBearer</apiname></xref> is used when an application attempts to write data into a socket for the first time without an existing bearer. The Piggy back request using <xref href="GUID-BED8A733-2ED7-31AD-A911-C1F4707C67FD.dita"><apiname>TNoBearer</apiname></xref> method is recommended to be used by IP networking processes but can be used by other frameworks. This method is used when the TCP/IP stack calls a <xref href="GUID-BED8A733-2ED7-31AD-A911-C1F4707C67FD.dita"><apiname>NoBearer()</apiname></xref> function or when a control provider (IP SCPR) sends a <xref href="GUID-BED8A733-2ED7-31AD-A911-C1F4707C67FD.dita"><apiname>TNoBearer</apiname></xref> to the MCPR. The MCPR retrieves the attributes of the client from the UPS access point configuration extension, which is created by the node and the MCPR prior to a <xref href="GUID-BED8A733-2ED7-31AD-A911-C1F4707C67FD.dita"><apiname>TNoBearer</apiname></xref>. </p> </section> <section><title>UPS Access Point Configuration Extension </title> <p>The UPS access point configuration extension is used to provide the information necessary to send the UPS prompt request to the MCPR. The <xref href="GUID-BED8A733-2ED7-31AD-A911-C1F4707C67FD.dita"><apiname>TNoBearer</apiname></xref> message does not contain enough attributes for the MCPR to forward the request to the UPS server, so the UPS access point configuration extension populates the required field in the <xref href="GUID-BED8A733-2ED7-31AD-A911-C1F4707C67FD.dita"><apiname>TNoBearer</apiname></xref> message. The UPS access point configuration extension is created in either of the following situations : </p> <ul><li id="GUID-40C13006-F19B-58A9-8601-49B0A5E4C7EB"><p>TCP/IP stack calls <xref href="GUID-BED8A733-2ED7-31AD-A911-C1F4707C67FD.dita"><apiname>CTransportFlowShim::NoBearer()</apiname></xref> </p> </li> <li id="GUID-8D3E9D67-A923-56DF-ABE0-005AC1F168E5"><p>IP SCPR receives a <xref href="GUID-BED8A733-2ED7-31AD-A911-C1F4707C67FD.dita"><apiname>CConection::Start()</apiname></xref> </p> </li> </ul> <p>The extension contains the details of the client which originated the above calls. The extension contains the details such as <codeph>process
id</codeph>, <codeph>thread id</codeph>, result of the platform security check, <codeph>destination address</codeph> and a <codeph>Boolean flag </codeph> specifying if a particular process needs to be authenticated by UPS server. </p> </section> <section><title> Authorisation Request With
TPolicyCheckRequest</title> <p> <xref href="GUID-BED8A733-2ED7-31AD-A911-C1F4707C67FD.dita"><apiname>TPolicyCheckRequest</apiname></xref> is used when an application attempts to write data into a socket with an existing bearer. When the application must be authenticated by the user, the framework implementers pass the user prompts request to the control providers. The node passes the client side request through a <xref href="GUID-BED8A733-2ED7-31AD-A911-C1F4707C67FD.dita"><apiname>TPolicyCheckRequest</apiname></xref>. This mechanism is implemented in the core framework and is available to all the framework implementers. The mechanism requires <xref href="GUID-BED8A733-2ED7-31AD-A911-C1F4707C67FD.dita"><apiname>TPolicyCheckRequest</apiname></xref> message to be sent from the node which requires UPS authorisation to its MCPR through an intermediate clients. A <xref href="GUID-BED8A733-2ED7-31AD-A911-C1F4707C67FD.dita"><apiname>TPolicyCheckResponse</apiname></xref> is sent in the opposite direction once the response is received from the UPS server. </p> <fig id="GUID-D9310DD0-4FA8-5810-92E1-02FCBDB5EF4C"><image href="GUID-D48AD74E-FF0E-502F-961C-CAD0516B3BA9_d0e566770_href.png" placement="inline"/></fig> <p> <xref href="GUID-BED8A733-2ED7-31AD-A911-C1F4707C67FD.dita"><apiname>TPolicyCheckRequest</apiname></xref> contains client information such as the process id, the result of platform security check and, when available, the destination address field . </p> </section> </conbody></concept>