Manualshelf

HP WBEM Services Software Developer's Kit for HP-UX Provider and Client Developer's Guide A.01

ManualsBrandsHP ManualsSoftwareHP-UX 11i WBEM Software
61626364656667686970
Provider Implementation
Provider Design Considerations
Chapter 468
unique symbols, because the functions are declared in differently named
provider classes. However, it is possible to declare global symbols
(technically, named ::<
name
>), and these may indeed "collide" with
symbols of the same name. This issue is not unique to C++ nor to HP
WBEM Services for HP-UX providers. Care should be taken to avoid the
use of global symbol names whenever possible. When necessary, names
should be chosen with a component, such as a module name, that will
guarantee, or at least increase the probability of, uniqueness.
Security Architecture
User Authentication
Access to WBEM Services is restricted to users with valid accounts on
the system being managed. Requests from remote clients contain a
username/password pair that the CIM Server will authenticate.
Requests may also be received through a local connection using the
connectLocal() function in the Client API. This function does not take
username or password arguments. The user ID for a local client request
is that of the process issuing the request.
namespace Authorization
In addition to user authentication, if the feature is enabled, the CIM
Server performs namespace authorization (this is disabled when the
product is installed, but can be enabled with the cimconfig command).
There are several namespaces serviced by the CIM Server. Each
namespace has an associated list of users who are authorized to access
its objects, and what level of access is permitted (read, write, or
read+write). The namespace authorization database is managed with the
cimauth command, described in the cimauth man page.
The section on Provider Registration and Naming describes how
providers can register to serve classes in multiple namespaces.
namespaces are also discussed in Appendix A, CIM Naming Guidelines.
Execution Context
Once a client request has been authenticated and authorized, the
username is passed to the provider in the OperationContext parameter
present in all function calls. No password is passed to the provider.