
Access Control on Attributes with Triggers

When a query or update call accesses an attribute associated with an attribute trigger, the call checks the ACL of the object with which the attribute is associated to see if the client has the permissions required for the operation. If access is granted, the operation returns a binding handle authenticated with the client's login context. This handle is then used to perform the sec_attr_trig_query or sec_attr_trig_update operation.

Access to information maintained by an attribute trigger is controlled entirely by that attribute trigger. The attribute trigger can implement any authorization mechanism it chooses, including none. For example, it can obtain the client's identity from the RPC runtime and use it for name-based authentication and ACL checks (or any other access control mechanism), and it can query the registry attribute schema for the attribute type's permission set and use that set in its own ACL check. Access control on attribute information stored outside of the registry database is left to the application designer.
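The two-stage check described above, as an added C model that is not DCE code and does not use the sec_attr API: the registry first checks the object's ACL against the attribute type's permission set from the schema, and only a request that passes reaches the trigger, which here applies its own ACL with the same schema permission set. The attribute types, permission bits, principals and both ACLs are constructed sample data.

```c
#include <stddef.h>
#include <string.h>

/* Constructed model of the two-stage check described above; not the DCE sec_attr API. */
typedef enum { OP_QUERY, OP_UPDATE } attr_op_t;
enum { DENIED_BY_REGISTRY = 0, DENIED_BY_TRIGGER = 1, GRANTED = 2 };
#define PERM_READ  0x1u
#define PERM_WRITE 0x2u
#define PERM_TEST  0x4u

/* Schema entry: permission set an attribute type requires for query and for update. */
typedef struct { const char *attr_type; unsigned query_perms, update_perms; } schema_entry_t;
/* ACL entry: permissions one principal holds on an object. */
typedef struct { const char *principal; unsigned perms; } acl_entry_t;

/* Constructed schema: "ext_cred" demands an extra TEST bit beyond read/write. */
static const schema_entry_t schema[] = {
    { "home_dir", PERM_READ,             PERM_WRITE             },
    { "ext_cred", PERM_READ | PERM_TEST, PERM_WRITE | PERM_TEST },
};
/* Constructed ACLs: the registry object's ACL and the trigger's own ACL differ for alice. */
static const acl_entry_t object_acl[]  = { { "alice", PERM_READ | PERM_WRITE | PERM_TEST }, { "bob", PERM_READ } };
static const acl_entry_t trigger_acl[] = { { "alice", PERM_READ | PERM_WRITE }, { "bob", PERM_READ } };

static unsigned required_perms(const char *attr_type, attr_op_t op) {
    for (size_t i = 0; i < sizeof schema / sizeof schema[0]; i++)
        if (strcmp(schema[i].attr_type, attr_type) == 0)
            return op == OP_QUERY ? schema[i].query_perms : schema[i].update_perms;
    return ~0u;  /* unknown attribute type: no permission set can satisfy it */
}

static unsigned held_perms(const acl_entry_t *acl, size_t n, const char *principal) {
    for (size_t i = 0; i < n; i++)
        if (strcmp(acl[i].principal, principal) == 0) return acl[i].perms;
    return 0;  /* no entry: no permissions */
}

/* Stage 1 is the registry's check on the object ACL; only if it passes is the
 * authenticated binding used to reach the trigger, whose own check (stage 2)
 * here reuses the schema permission set against the trigger's ACL. */
int access_attribute(const char *client, const char *attr_type, attr_op_t op) {
    unsigned need = required_perms(attr_type, op);
    if ((held_perms(object_acl, 2, client) & need) != need)
        return DENIED_BY_REGISTRY;  /* sec_attr_trig_query/update never called */
    if ((held_perms(trigger_acl, 2, client) & need) != need)
        return DENIED_BY_TRIGGER;   /* trigger's own mechanism refuses */
    return GRANTED;
}
```

A principal the registry admits can still be refused by the trigger (alice updating ext_cred), while a principal the registry refuses never reaches the trigger at all.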