MCL/sf/os/security: authorisation/userpromptservice/examples/integration/readme.txt@641f389e9157 (annotated)

8 35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1	//
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2	// Copyright (c) Symbian Software Ltd 2007. All rights reserved.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	3	//
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	4
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	5
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	6	* Overview *
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	7
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	8	This directory contains example code that demonstrates how user permission
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	9	prompt support(UPS) may be added to a system server. The example code consists of
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	10	three components.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	11
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	12	* Components *
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	13
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	14	1) tmsgserver
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	15	A simple server that provides an asynchronous API to send messages. Since this
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	16	is example code the messages are displayed to the screen.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	17
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	18	2) tmsclient
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	19	The client library for tmsgserver.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	20	No modifications are necessary in order to support user permission prompts.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	21
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	22	3) tmsgapp
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	23	An example application that sends a number of messages and also tests cancellation.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	24
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	25	No modification was required as a consequence of the UPS integration. However,
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	26	in order to allow the test to be run multiple times the UPS management API is
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	27	used to delete old decision records for this application.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	28
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	29	* Integration Overview *
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	30	Whilst the APIs for the UPS are relatively small the integration is slightly
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	31	more complicated than might be expected because existing synchronous security
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	32	checks must become asynchronous since interaction with the device user is
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	33	inherently an asynchronous operation. For example, it would be undesirable to
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	34	block the entire network server whilst waiting for the user to respond to a
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	35	dialog.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	36
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	37	The second factor that must be considered is that in order to make an informed
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	38	security decision the user may need to know data about the request they are
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	39	authorizing. Consequently, it may be necessary to extract the parameters from
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	40	the client application at the security check stage.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	41
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	42	Finally, depending on the service and the security requirements of the
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	43	manufacturer an operator user prompts may be in addition to the platform
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	44	security (e.g. capabilities) checks. Alternatively, user prompts could be used
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	45	to allow applications without capabilities limited access to a protected
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	46	service. Since most implementations of the CPolicyServer fail the client
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	47	immediately if the platsec check fails these checks may have to be modified.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	48
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	49	* Integration Points *
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	50	If the system server uses the CPolicyServer framework then there are three
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	51	candidates for the main integration point.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	52
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	53	1) CPolicyServer::CustomSecurityCheckL
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	54	This allows an arbitrary and even asynchronous check to be made instead of using
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	55	static security policies.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	56
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	57	2) CPolicyServer::CustomFailureActionL
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	58	This virtual method is invoked if the client fails the static security checks. The
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	59	failure may be overridden or deferred. Asynchronous operations are possible.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	60
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	61	3) CSession2::ServiceL
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	62	The static policy checks could be deferred until the session is created provided that
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	63	the server connection API is not guarded by user prompts.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	64
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	65	* Example integration *
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	66	In the example code a combination of (2) and (3) are used because it involves
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	67	minimal changes to the existing security policy checks.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	68
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	69	** Steps **
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	70
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	71	1) An RUpsSession object has been added to the CMsgServer class. This is
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	72	initialized at startup.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	73
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	74	2) CMsgServer::iPolicyElements was changed to cause CustomFailureActionL to be
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	75	invoked if the static security policy check fails instead of failing the
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	76	client.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	77
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	78	3) CMsgServer::CustomFailureActionL notifies the session object that the
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	79	platsec check failed. This is important because RUpsSubsession::Authorise
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	80	requires this information in order to allow unconfigured systems to be
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	81	compatible with platsec. It also increases the flexibility of the UPS policy
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	82	definitions.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	83
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	84	4) An RUpsSubsession instance is created for each CSession2 object. i.e.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	85	requests from different clients are authorized independently. This could be
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	86	modified so that there is one UPS sub-session for each client process instead
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	87	of each connection from a client process.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	88
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	89	5) An extra state (iAuthorising) was added at the start of the CMsgProcessor
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	90	state machine.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	91
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	92	6) The RMessage2 parameters from the client API are now extracted in the
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	93	authorization stage to enable the information to be passed to the UPS.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	94
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	95	7) CMsgProcessor::DoCancel was updated to cancel the call to
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	96	RUpsSubsession::Authorise if the client cancels the sending of the message or
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	97	disconnects.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	98
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	99	8) CMsgProcessor::RunL now checks whether the request was authorized before
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	100	changing from the authorization to the sending state.
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	101
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	102
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	103
35751d3474b7 Revision: 200935 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	104

author	Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
	Tue, 31 Aug 2010 17:00:08 +0300
branch	RCL_3
changeset 61	641f389e9157
parent 8	35751d3474b7
permissions	-rw-r--r--