|
1 <?xml version="1.0" encoding="utf-8"?> |
|
2 <!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. --> |
|
3 <!-- This component and the accompanying materials are made available under the terms of the License |
|
4 "Eclipse Public License v1.0" which accompanies this distribution, |
|
5 and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". --> |
|
6 <!-- Initial Contributors: |
|
7 Nokia Corporation - initial contribution. |
|
8 Contributors: |
|
9 --> |
|
10 <!DOCTYPE concept |
|
11 PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd"> |
|
12 <concept id="GUID-1F6DA049-AC03-5122-8B91-32C007A41526" xml:lang="en"><title>SecureServerExample: |
|
13 Implementing the Policy Server Framework</title><shortdesc>This example demonstrates the use of the policy server framework.</shortdesc><prolog><metadata><keywords/></metadata></prolog><conbody> |
|
14 <p> The example shows you how a server checks messages from a client against |
|
15 a security policy. It also shows you how to deal with the result of a security |
|
16 check. </p> |
|
17 <p>The following sections provide more information about this example application: </p> |
|
18 <section id="GUID-14AB89A0-C5AD-5598-ABA3-F1243CA00D97"><title>Download</title> <p>Click |
|
19 on the following link to download the example: <xref href="guid-6013a680-57f9-415b-8851-c4fa63356636/zips/guid-a84e1714-2cf0-4023-b3d3-d35217f4159d.zip" scope="external">SecureServer.zip</xref></p><p>Click: <xref href="guid-6013a680-57f9-415b-8851-c4fa63356636/guid-a84e1714-2cf0-4023-b3d3-d35217f4159d.html" scope="peer">browse</xref> to view the example code.</p> </section> |
|
20 <section id="GUID-D8761EA7-00C3-5273-A082-C3DE4AC2BFB9"><title>Description</title> <p>The |
|
21 server contains a simple counter. It can change the value of the counter. |
|
22 It can also write the value of the counter to a file. The server offers the |
|
23 following services to a client: </p> <ul> |
|
24 <li id="GUID-79AEF61F-24B7-55FC-88F2-73A3CA124597"><p>Increase the value of |
|
25 the counter by any number greater than 1. </p> </li> |
|
26 <li id="GUID-67736263-0785-558E-8FAA-B73CD05F3511"><p>Decrease the value of |
|
27 the counter by any number greater than 1. </p> </li> |
|
28 <li id="GUID-A7FE0EFE-EDA3-5394-AA6C-D34FFEBB2CD4"><p>Increase the value of |
|
29 the counter by 1. </p> </li> |
|
30 <li id="GUID-191ADD33-2EDC-5493-9F3B-F25AE2AF0708"><p>Decrease the value of |
|
31 the counter by 1. </p> </li> |
|
32 <li id="GUID-3B10E37A-7172-56EC-A6A2-50C3BC84A029"><p>Reset the counter to |
|
33 its default value. </p> </li> |
|
34 <li id="GUID-305441F7-6797-52C5-92F2-353C45A7260B"><p>Reset the counter to |
|
35 the value in the file <filepath>counter.dat</filepath>. </p> </li> |
|
36 <li id="GUID-9744CA5A-3D99-57F3-B596-D8145CC66494"><p>Save the counter value |
|
37 in the file <filepath>counter.dat</filepath>. </p> </li> |
|
38 <li id="GUID-42C92895-BD40-58C3-ABB2-0D3DD40CA78E"><p>Send the current value |
|
39 of the counter to a client. </p> </li> |
|
40 <li id="GUID-D6FF0681-5DC7-5605-83F2-4C225EF7520B"><p>Create, initialise and |
|
41 close a subsession. </p> </li> |
|
42 <li id="GUID-78587766-2027-5A3D-BE90-6FBF512DD252"><p>Send the current number |
|
43 of open subsessions to a client. </p> </li> |
|
44 </ul> <p>The client sends a message to the server to request one of these |
|
45 services. The server checks each request against its security policy. If the |
|
46 request fails the security check, the request is rejected. </p> <p>The security |
|
47 policy has the following rules: </p> <ul> |
|
48 <li id="GUID-AF85DEBB-0A7D-5794-912E-9382D31834CE"><p>If a client asks the |
|
49 server to increase the counter value by more than 10, the client ‘s SID value |
|
50 must be less than or equal to 0x70fffff5. </p> </li> |
|
51 <li id="GUID-007E3288-B47F-5E2C-AA3A-E21FE1251B41"><p>If a client asks the |
|
52 server to decrease the counter value by more than 10, the client ‘s SID value |
|
53 must be less than or equal to 0x70fffff5. </p> </li> |
|
54 <li id="GUID-2C3B7481-478F-5248-98D2-423D288D12C6"><p>If a client asks the |
|
55 server for the number of open subsessions, the client’s SID value must be |
|
56 0x70fffff0. </p> </li> |
|
57 <li id="GUID-BBBDAF33-5DC0-5D01-AEAF-89D36C834045"><p>If a client asks the |
|
58 server to save the counter value to the file <filepath>counter.dat</filepath>, |
|
59 the client must have both <codeph>ReadDeviceData</codeph> and <codeph>WriteDeviceData</codeph> capabilities. </p> </li> |
|
60 <li id="GUID-9D5144DB-D113-5AF9-9FBC-F31E9E5BA96F"><p>If a client asks the |
|
61 server to reset the counter value from the file <filepath>counter.dat</filepath>, |
|
62 the client must have both <codeph>ReadDeviceData</codeph> and <codeph>WriteDeviceData</codeph> capabilities. </p> </li> |
|
63 </ul> <p>The example application shows how you to code security policies. |
|
64 It also shows you the constants and classes that you must define to use the |
|
65 policy server framework. </p> </section> |
|
66 <section id="GUID-DD984CA6-90E7-4B7D-9876-356A7BBFEA26"><title>Class summary</title><p>This example demonstrates the following |
|
67 classes:<ul> |
|
68 <li><p><xref href="GUID-5BDFF5B1-DC1F-393A-879B-9D8DE080B4E2.dita"><apiname>CPolicyServer</apiname></xref></p></li> |
|
69 <li><p><xref href="GUID-D5A30C75-E22C-34E8-913B-7D2CA6AD5C51.dita"><apiname>CSession2</apiname></xref></p></li> |
|
70 <li><p><xref href="GUID-D82DEC7A-71C2-3004-BFC2-C82C009A2715.dita"><apiname>TVersion</apiname></xref></p></li> |
|
71 <li><p><xref href="GUID-D7D422D3-65E5-378B-8F52-6485BC5603A0.dita"><apiname>RMessage2</apiname></xref></p></li> |
|
72 <li><p><xref href="GUID-9230EF62-376A-389C-B720-7C1EDCB7EA97.dita"><apiname>CObject</apiname></xref></p></li> |
|
73 <li><p><xref href="GUID-DE901A59-C714-356A-9490-C4E9C9F186DB.dita"><apiname>CObjectCon</apiname></xref></p></li> |
|
74 <li><p><xref href="GUID-72761B3C-ECB6-34B2-87ED-C972E479357A.dita"><apiname>CObjectConIx</apiname></xref></p></li> |
|
75 <li><p><xref href="GUID-70824EE4-9E01-3AC0-9318-4B521A1FDD5E.dita"><apiname>CObjectIx</apiname></xref></p></li> |
|
76 <li><p><xref href="GUID-6D8A458C-9A39-3000-A3BC-060A2A3663E6.dita"><apiname>RSessionBase</apiname></xref></p></li> |
|
77 <li><p><xref href="GUID-B0E661BC-4058-3256-B9C3-5A4FD52F6DE5.dita"><apiname>RThread</apiname></xref></p></li> |
|
78 <li><p><xref href="GUID-1BBE1448-1DF8-33C4-BF9E-5A5F427AEE35.dita"><apiname>RSubSessionBase</apiname></xref></p></li> |
|
79 </ul></p></section> |
|
80 <section id="GUID-B9CD5974-18AA-5581-8BA5-8A1F2CFBC4E7"><title>Build</title> <p><xref href="GUID-3100800B-B2F7-50EF-BD4C-3C345ECCB2A5.dita">The Symbian OS build process</xref> describes |
|
81 how to build this example. </p> <p>The <codeph>SecureServer</codeph> example |
|
82 builds the following binaries in the standard location (<filepath>\epoc32\release\winscw\<build_variant></filepath>) |
|
83 for Carbide.c++. </p> <ul> |
|
84 <li id="GUID-AAFBE9F2-D78B-53FD-8A3C-EF9A43EA6052"><p> <filepath>secureclient.exe</filepath>: |
|
85 This is the client executable file. It starts the server and shows the behaviour |
|
86 of the client. </p> </li> |
|
87 <li id="GUID-758E4591-2A54-5868-A73A-FCE5C31A2C70"><p> <filepath>secureserver.dll</filepath>: |
|
88 This is the DLL that contains the code for the server. This executable file |
|
89 must be built before <filepath>secureclient.exe</filepath> file. </p> </li> |
|
90 </ul> </section> |
|
91 </conbody></concept> |