Manualshelf

OSF DCE Application Development Guide--Core Components

ManualsBrandsHP ManualsServerHP NonStop G-Series
561562563564565566567568569570
Authorization
3. There is no entry for the group projecty, so this check yields no permissions.
4. There is no other_obj entry, so this check can yield no permissions.
5. The principal is local, so no foreign_other entry can be a match; this check
yields no permissions.
6. Having failed to match any entry examined in the preceding checks, the principal
matches the any_other entry, which yields the permission set ab. There is no
mask_obj entry, but there is the unauthenticated mask entry, which specifies the
permission set a. Applying the unauthenticated mask to this privilege attribute
entry yields the effective permission a.
The permission requested (a) is a member of the effective permission set (a), so this
principal’s request is granted.
24.2 Name-Based Authorization
The Kerberos authentication service, upon which the DCE shared-secret authentication
protocol is based, authenticates the string name representation of a principal. The DCE
Security Service converts these string representations to UUIDs, and it is these UUIDs
that an ACL manager uses to make authorization decisions. However, since some
existing (non-DCE) applications implement Kerberos authentication, DCE security
supports an authorization protocol based on principal string names: name-based
authorization.
It is assumed that applications that use name-based authorization have a means to
associate string names with permissions, since the DCE Security Service offers no such
facility. Because in name-based authorization there is no UUID representation of
privilege attribute data, and because DCE ACL managers recognize only UUIDs, if an
application uses name-based authorization, then a principal’s privilege attributes are
represented as an anonymous PAC. Such PAC data can only match the ACL entry types
other_obj, foreign_other,or any_other, and are masked by the unauthenticated
mask.
Also note that there is essentially no intercell security for an application that uses the
name-based authorization protocol because such applications never communicate with
the privilege service, which evaluates intercell trust.
124245 Tandem Computers Incorporated 24 11