Return to User27_Kerberos.mof CVS log | Up to [Pegasus] / pegasus / Schemas / CIMPrelim271 |
File: [Pegasus] / pegasus / Schemas / CIMPrelim271 / Attic / User27_Kerberos.mof
(download)
Revision: 1.1, Tue Jan 28 15:22:24 2003 UTC (21 years, 5 months ago) by karl Branch: MAIN CVS Tags: test, pep_88, pegasus25BeforeLicenseUpdate, mday-merge-start, mday-merge-pegasus/src/Pegasus/Server, mday-merge-pegasus/src/Pegasus/Common, local, TEST, SLPPERFINST-root, SLPPERFINST-branch, RELEASE_2_4_FC_CANDIDATE_1, RELEASE_2_4_3, RELEASE_2_4_2, RELEASE_2_4_1-BETA3, RELEASE_2_4_1-BETA2, RELEASE_2_4_1-BETA1, RELEASE_2_4_1, RELEASE_2_4_0-RC3, RELEASE_2_4_0-RC2, RELEASE_2_4_0, RELEASE_2_4-root, RELEASE_2_4-branch, RELEASE_2_3_2-root, RELEASE_2_3_2-branch-freeze, RELEASE_2_3_1-root, RELEASE_2_3_1-branch, RELEASE_2_3_0-root, RELEASE_2_3_0-msg-freeze, RELEASE_2_3_0-branch, RELEASE_2_2_1-snapshot, RELEASE_2_2_0_0-release, RELEASE_2_2_0-root, RELEASE_2_2_0-branch, RELEASE_2_2-root, PRE_LICENSE_UPDATE_2003, POST_LICENSE_UPDATE_2003, PEP217_PRE_BRANCH, PEP217_POST_BRANCH, PEP217_BRANCH, PEP213_SIZE_OPTIMIZATIONS, PEGASUS_FC_VERSION_2_2, MONITOR_CONSOLIDATION_2_5_BRANCH, LOCAL_ASSOCPROV-ROOT, LOCAL_ASSOCPROV-BRANCH, IBM_241_April1405, CQL_2_5_BRANCH, CHUNKTESTDONE_PEP140 Branch point for: RELEASE_2_3_2-branch Add CIM 2.7.1 Preliminary Schema to Schema Directory |
// =================================================================== // Title: User-Security Kerberos Services and Credentials 2.7 // Filename: User27_Kerberos.mof // Version: 2.7.0 // Status: Preliminary // Date: 07/07/2002 // =================================================================== // Copyright 2000-2002 Distributed Management Task Force, Inc. (DMTF). // All rights reserved. // DMTF is a not-for-profit association of industry members dedicated // to promoting enterprise and systems management and interoperability. // DMTF specifications and documents may be reproduced for uses // consistent with this purpose by members and non-members, // provided that correct attribution is given. // As DMTF specifications may be revised from time to time, // the particular version and release date should always be noted. // // Implementation of certain elements of this standard or proposed // standard may be subject to third party patent rights, including // provisional patent rights (herein "patent rights"). DMTF makes // no representations to users of the standard as to the existence // of such rights, and is not responsible to recognize, disclose, or // identify any or all such third party patent right, owners or // claimants, nor for any incomplete or inaccurate identification or // disclosure of such rights, owners or claimants. DMTF shall have no // liability to any party, in any manner or circumstance, under any // legal theory whatsoever, for failure to recognize, disclose, or // identify any such third party patent rights, or for such party's // reliance on the standard or incorporation thereof in its product, // protocols or testing procedures. DMTF shall have no liability to // any party implementing such standard, whether such implementation // is foreseeable or not, nor to any patent owner or claimant, and shall // have no liability or responsibility for costs or losses incurred if // a standard is withdrawn or modified after publication, and shall be // indemnified and held harmless by any party implementing the // standard from any and all claims of infringement by a patent owner // for such implementations. // // For information about patents held by third-parties which have // notified the DMTF that, in their opinion, such patent may relate to // or impact implementations of DMTF standards, visit // http://www.dmtf.org/about/policies/disclosures.php. // =================================================================== // Description: The User Model extends the management concepts that // are related to users and security. // This file defines the classes modeling a Kerberos // security service and credentials. // // The object classes below are listed in an order that // avoids forward references. Required objects, defined // by other working groups, are omitted. // =================================================================== // Change Log for v2.7 // CR784 - Promote 2 properties, Issued and Expired, from // CIM_KerberosTicket to CIM_Credential. // =================================================================== #pragma Locale ("en_US") // ================================================================== // KerberosKeyDistributionCenter // ================================================================== [Version ("2.6.0"), Description ("The Kerberos KDC.") ] class CIM_KerberosKeyDistributionCenter : CIM_CredentialManagementService { [Override ("Name"), Description ("The Realm served by this KDC.") ] string Name; [Description ( "The version of Kerberos supported by this service."), ValueMap {"0", "1", "2", "3"}, Values {"V4", "V5", "DCE", "MS"} ] uint16 Protocol[]; }; // ================================================================== // KerberosTicket // ================================================================== [Version ("2.7.0"), Description ( "A CIM_KerberosTicket represents a credential issued by a " "particular Kerberos Key Distribution Center (KDC) " "to a particular CIM_UsersAccess as the result of a " "successful authentication process. There are two types of " "tickets that a KDC may issue to a Users Access - a " "TicketGranting ticket, which is used to protect and " "authenticate communications between the Users Access and the " "KDC, and a Session ticket, which the KDC issues to two " "Users Access to allow them to communicate with each other.") ] class CIM_KerberosTicket : CIM_Credential { [Propagated ( "CIM_KerberosKeyDistributionCenter.SystemCreationClassName"), Key, MaxLen (256), Description ("The scoping System's CCN.") ] string SystemCreationClassName; [Propagated ("CIM_KerberosKeyDistributionCenter.SystemName"), Key, MaxLen (256), Description ("The scoping System's Name.") ] string SystemName; [Propagated ( "CIM_KerberosKeyDistributionCenter.CreationClassName"), Key, MaxLen (256), Description ("The scoping Service's CCN.") ] string ServiceCreationClassName; [Propagated ("CIM_KerberosKeyDistributionCenter.Name"), Key, MaxLen (256), Description ( "The scoping Service's Name. The Kerberos KDC Realm of " "CIM_KerberosTicket is used to record the security " "authority, or Realm, name so that tickets issued by " "different Realms can be separately managed and " "enumerated.") ] string ServiceName; [Key, MaxLen (256), Description ( "The name of the service for which this ticket is used.") ] string AccessesService; [Key, MaxLen (256), Description ( "RemoteID is the name by which the user is known at " "the KDC security service.") ] string RemoteID; [Description ( "The Type of CIM_KerberosTicket is used to indicate whether " "the ticket in question was issued by the Kerberos Key " "Distribution Center (KDC) to support ongoing communication " "between the Users Access and the KDC (\"TicketGranting\"), " "or was issued by the KDC to support ongoing communication " "between two Users Access entities (\"Session\")."), ValueMap {"0", "1"}, Values {"Session", "TicketGranting"} ] uint16 TicketType; }; // =================================================================== // KDCIssuesKerberosTicket // =================================================================== [Association, Version ("2.6.0"), Description ( "The KDC issues and owns Kerberos tickets. This association " "captures the relationship between the KDC and its issued " "tickets.") ] class CIM_KDCIssuesKerberosTicket : CIM_ManagedCredential { [Override ("Antecedent"), Min (1), Max (1), Description ("The issuing KDC.") ] CIM_KerberosKeyDistributionCenter REF Antecedent; [Override ("Dependent"), Weak, Description ("The managed credential.") ] CIM_KerberosTicket REF Dependent; }; // =================================================================== // end of file // ===================================================================
No CVS admin address has been configured |
Powered by ViewCVS 0.9.2 |