SecureServerExample: Implementing the Policy Server Framework

This example demonstrates the use of the policy server framework.

The example shows you how a server checks messages from a client against a security policy. It also shows you how to deal with the result of a security check.

The following sections provide more information about this example application:

Download

Click on the following link to download the example: SecureServer.zip

Click: browse to view the example code.

Description

The server contains a simple counter. It can change the value of the counter. It can also write the value of the counter to a file. The server offers the following services to a client:

  • Increase the value of the counter by any number greater than 1.

  • Decrease the value of the counter by any number greater than 1.

  • Increase the value of the counter by 1.

  • Decrease the value of the counter by 1.

  • Reset the counter to its default value.

  • Reset the counter to the value in the file counter.dat.

  • Save the counter value in the file counter.dat.

  • Send the current value of the counter to a client.

  • Create, initialise and close a subsession.

  • Send the current number of open subsessions to a client.

The client sends a message to the server to request one of these services. The server checks each request against its security policy. If the request fails the security check, the request is rejected.

The security policy has the following rules:

  • If a client asks the server to increase the counter value by more than 10, the client ‘s SID value must be less than or equal to 0x70fffff5.

  • If a client asks the server to decrease the counter value by more than 10, the client ‘s SID value must be less than or equal to 0x70fffff5.

  • If a client asks the server for the number of open subsessions, the client’s SID value must be 0x70fffff0.

  • If a client asks the server to save the counter value to the file counter.dat, the client must have both ReadDeviceData and WriteDeviceData capabilities.

  • If a client asks the server to reset the counter value from the file counter.dat, the client must have both ReadDeviceData and WriteDeviceData capabilities.

The example application shows how you to code security policies. It also shows you the constants and classes that you must define to use the policy server framework.

Build

The Symbian build process describes how to build this example.

The SecureServer example builds the following binaries in the standard location (\epoc32\release\winscw\<build_variant>) for Carbide.c++.

  • secureclient.exe: This is the client executable file. It starts the server and shows the behaviour of the client.

  • secureserver.dll: This is the DLL that contains the code for the server. This executable file must be built before secureclient.exe file.