Steps involved in a Client/Server dialog using security services

Open Server performs the following steps when a client initiates a dialog using security services:

  1. Establishes a transport connection with the client.

  2. Receives the client’s login record and any opaque security tokens, and responds to the client with any necessary opaque tokens.

  3. Establishes a security session when the security message handshake succeeds.

When an Open Server application receives information from a client, it performs these steps:

  1. Processes any security messages—for instance, a cryptographic signature—associated with the response received from the client. (A cryptographic signature ensures the integrity of the message.)

  2. Based on the security services supported on the security session, calls the appropriate routines—for example, to verify the signature.

  3. Processes the TDS data stream as normal.

Open Server sends a response to the client in the following steps:

  1. Checks for credential or security session expiration. If an expiration is detected, Open Server performs error processing.

  2. Based on the security services supported on this dialog, calls the appropriate routines—for example, to generate a cryptographic signature for the response.

  3. Generates the required TDS to identify any per-packet security services.

A security session is terminated when the associated client dialog terminates. Termination may occur because of a normal client logout or error conditions.
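
The ordering of the receive and send steps above can be modeled in a few lines. This is an added example, not Open Server code: the class and method names are hypothetical, HMAC-SHA256 stands in for the security mechanism's cryptographic signature, and the shared key stands in for whatever the opaque-token handshake establishes.

```python
import hashlib
import hmac

class SessionError(Exception):
    """Expired/terminated session or failed integrity check."""

class SecuritySession:
    """One endpoint's view of a security session (hypothetical model)."""

    def __init__(self, key: bytes, expires_at: float, services: frozenset):
        self.key = key                # constructed stand-in for handshake output
        self.expires_at = expires_at  # credential / session expiry time
        self.services = services      # services negotiated for this dialog
        self.active = True

    def _sign(self, data: bytes) -> bytes:
        # HMAC-SHA256 stands in for the mechanism's cryptographic signature.
        return hmac.new(self.key, data, hashlib.sha256).digest()

    def send(self, data: bytes, now: float):
        # Send step 1: expiration check comes before any security processing.
        if not self.active or now >= self.expires_at:
            raise SessionError("credential or security session expired")
        # Send steps 2-3: apply per-packet services and attach the result.
        sig = self._sign(data) if "integrity" in self.services else None
        return data, sig

    def receive(self, data: bytes, sig):
        if not self.active:
            raise SessionError("security session terminated")
        # Receive steps 1-2: handle the security message before the payload.
        if "integrity" in self.services:
            if sig is None or not hmac.compare_digest(self._sign(data), sig):
                raise SessionError("signature verification failed")
        # Receive step 3: only verified data reaches normal processing.
        return data

    def terminate(self):
        # The session ends with the client dialog (logout or error).
        self.active = False

def rejected(call, *args) -> bool:
    """Return True if the session refuses the operation."""
    try:
        call(*args)
    except SessionError:
        return True
    return False
```

The point of the model is the order of checks: a missing or mismatched signature stops the payload before normal processing, and an expired or terminated session stops a response before any signature is generated.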