Manualshelf

OSF DCE Application Development Guide--Core Components

ManualsBrandsHP ManualsServerHP NonStop G-Series
541542543544545546547548549550
Authentication
Figure 23-7. Application Server Challenges Client
Legend:
conversation key 4
Application Server’s secret key
encrypted with conversation key 4
encrypted with Application Server’s secret key
Security runtime
Client Principal
RPC
EPAC
Seal
random number (cli)
random number (svr)
EPAC
Seal
random number (cli)
random number (cli)
(Use key to decrypt random
number sent by client)
(If client random number =
server random number, then
client knows conversation key)
Application Server
EPAC
Seal
Note: Refer to Figure 23-8 as you read the following steps.
11. The Security runtime for the application server uses the fourth conversation key
to decrypt the client’s request, and if it determines from the authorization
information that the client is authorized, it performs the server operation and
prepares a response. The server runtime encrypts the response using the
conversation key and sends it to the client.
124245 Tandem Computers Incorporated 2321