Manualshelf

HP DCE/9000 Application Development Tools for HP-UX 11i Release Note

ManualsBrandsHP ManualsSoftwareHP-UX DCE Software
16171819202122232425
22
HP DCE/9000 Version 1.8 Application Development Tools for HP-UX 11i Release Note
Developing DCE Applications with HP DCE/9000
If the client specified DCE secret key authentication and the server specified no
authentication, then the runtime will reject the call, and it will never reach the manager
routine.
If both client and server specified DCE secret key authentication, then authentication will
be carried out by the RPC runtime transparently. Whether the call reaches the server
manager code or is rejected by the runtime will depend on whether the authentication
succeeds.
Although the RPC runtime is responsible for any authentication that is carried out, the
fact that the runtime will always permit unauthenticated clients to reach the manager
code means that a manager access function typically does need to make an authentication
check. When the manager access routine calls rpc_binding_inq_auth_client(), it should
check for a return status of rpc_s_binding_has_no_auth. When such a status is
returned, it means that the client has specified no authentication, and the manager access
function will have to make an access decision based on this fact. Note that in such a case,
no meaningful authentication or authorization information is returned from
rpc_binding_inq_auth_client().
RPC Data Transfer Limitation
The bulk data transfer (for example, IN/OUT-pipes) over the connection-oriented (TCP/IP)
RPC protocol is limited by the performance difference between the client and server
machines. If the receiver process is significantly slower than the sender process (and cannot
process data fast enough), the receiver process's virtual memory usage may grow rapidly until
the remote procedure call fails with an rpc_s_no_memory status.
Restricting RPC Addresses
The runtime looks for a RPC_SUPPORTED_NETADDRS environment variable, which allows
a user or administrator to restrict the network addresses that a DCE server will advertise in
the name space/endpoint-map.
If this environment variable is set, only addresses in the list will be advertised in the name
space or endpoint map. Addresses not found on the list will be excluded from the server's list
of available addresses.
The format of the RPC_SUPPORTED_NETADDRS string is as follows:
RPC_SUPPORTED_NETADDRS=PROTSEQ:netaddr[,protseq:netaddr]
For example, assuming that host myhost is located at IP address 10.3.2.1, the Korn shell
statements:
export RPC_SUPPORTED_NETADDRS=ip:myhost
or