Limiting Access
A secure daemon controls user access to local communications. Administrators can limit access at two levels of granularity:
| • | Network and service |
| • | Subject |
Network and Service Authorization
Each secure daemon allows its users to communicate over a set of local networks. Two parameters together define a local network:
| • | Network Specification |
For details, see Constructing the Network Parameter.
| • | UDP Service |
For details, see Specifying the UDP Service.
You must explicitly authorize each local network by specifying these two parameters. To authorize a local network, see Authorize Network and Service Pairs.
Users can communicate only on the local networks that you authorize. A user program cannot create a client transport that specifies an unauthorized local network (the transport create call produces an error status code).
As an administrator, you can designate a default local network. A client transport that does not specify particular network and service parameters automatically communicates over this default local network; see Default Network and Service.
Subject Authorization
Each secure daemon allows its users to communicate using a set of Rendezvous subject names.
| • | Subjects authorized for sending can flow from client transports out to local networks. |
A client transport that sends a message with an unauthorized subject does not receive any error indication; instead, the secure daemon silently discards the message.
| • | Subjects authorized for listening can flow to client transports from local networks. |
A client transport that creates a listener with an unauthorized subject does not receive any error indication—but the resulting listener object never receives any messages.
Subject authorization applies equally to all users and all local networks.
All _INBOX subjects are implicitly authorized. It is not necessary to explicitly authorize _INBOX subjects.
To authorize secure daemon subjects, see Authorize Subjects.
|
Note |
If clients use fault tolerance, certified message delivery, or distributed queue features, you must authorize the appropriate administrative subjects; see these tables:
|