An SSL callback component is a component that the client uses to execute callback methods. A callback method is a method that responds to SSL requests from EAServer. An SSL callback component resides on the client machine. To create an SSL callback, you must create a component DLL or shared library and deploy it on the client machine in a directory specified by the PATH environment variable. You can create the component in the same manner that you would create any other server-side component—using EAServer Manager and a C++ IDE.
You must specify the component DLL or shared library by using the setGlobalProperty method in the CtsSecurity::SSLServiceProvider interface to set the callbackImpl global property. For information, see “Set the quality of security services and global properties”.
Although default implementations of the following callback methods are included with the EAServer client ORB, you can implement your own logic for these callback methods. To implement the default response for callback methods, code them to return the CORBA::NO_IMPLEMENT exception.
getCertificateLabel The user is prompted with the available certificate labels and asked to choose one of them for client authentication.
getCredentialAttribute The EAServer SSL client runtime engine retrieves credential attributes from the user on request.
getPin The user is prompted with the PKCS #11 token or Entrust password information and asked to provide a PIN for logging into the PKCS #11 token or Entrust.
trustVerify The user is prompted with server certificate information and asked to determine if the server certificate chain can be trusted and if the SSL session can proceed.
For more information about these callback methods, see the CtsSecurity::SSLCallback interface in the interface repository documentation. The interface repository documentation can be viewed in a Web browser by connecting to your server with this URL:
http://yourhost:yourport/ir/
where yourhost is the EAServer’s host name and yourport is the HTTP port number.
The sample/ClientSSL subdirectory in your EAServer installation contains an example program that installs an SSL callback to interact with the user.
| Copyright © 2005. Sybase Inc. All rights reserved. |
|
|
