6 #include <UserEvent.idl>
78 SSH_HOST_KEY_TYPE_RSA,
79 SSH_HOST_KEY_TYPE_ECDSA
84 SSH_KEY_FPRINT_TYPE_MD5_HEX,
85 SSH_KEY_FPRINT_TYPE_SHA256_BASE64,
86 SSH_KEY_FPRINT_TYPE_UNKNOWN
121 vector<string> oldPrivileges;
128 constant
int ERR_INVALID_VALUE = 1;
Security configuration interface
Definition: Security.idl:126
Settings getSettings()
Retrieve the security configuration.
void setHstsEnabled(in boolean enable)
Enable or disable HTTP Strict Transport Security (HSTS).
RoleAccessControl getRoleAccessControlSettingsV6()
Retrieve the role-based access control settings for IPv6.
int setSettings(in Settings settings)
Set the security configuration.
void setSSHSettings(in SSHSettings settings)
Change the SSH settings.
int setRoleAccessControlSettings(in RoleAccessControl settings)
Change the role-based access control settings.
IpFw_2_0_0 getIpFwSettings()
Retrieve the IPv4 packet filter configuration.
void getBlockSettings(out int blockTimeout, out int maxFailedLogins)
Retrieve the current user blocking settings.
boolean getHttpRedirSettings()
Retrieve the current state of the HTTP-to-HTTPS redirection.
int setIpV6FwSettings(in IpFw_2_0_0 ipV6Fw)
Set the IPv6 packet filter configuration.
int setIpFwSettings(in IpFw_2_0_0 ipFw)
Set the IPv4 packet filter configuration.
RoleAccessControl getRoleAccessControlSettings()
Retrieve the role-based access control settings for IPv4.
int setPwSettings(in PasswordSettings pwSettings)
Change the password settings.
int setIdleTimeoutSettings(in int idleTimeout)
Change the session idle timeout.
PasswordSettings getPwSettings()
Retrieve the password settings.
int setFrontPanelPrivileges(in vector< string > privileges)
Set the privileges for the front panel.
SSHSettings getSSHSettings()
Retrieve the current SSH settings.
vector< string > getFrontPanelPrivileges()
Retrieve the list of active front panel privileges.
int setRestrictedServiceAgreement(in RestrictedServiceAgreement settings)
Change the Restricted Service Agreement settings.
void setHttpRedirSettings(in boolean http2httpsRedir)
Enable or disable HTTP-to-HTTPS redirection.
int setRoleAccessControlSettingsV6(in RoleAccessControl settings)
Change the role-based access control settings for IPv6.
void setSingleLoginLimitation(in boolean singleLogin)
Enable or disable single login limitation.
int getIdleTimeoutSettings()
Retrieve the current idle timeout.
vector< SSHHostKey > getSSHHostKeys()
Retrieve the host SSH keys.
vector< string > getSupportedFrontPanelPrivileges()
Retrieve a list of supported privileges for the front panel.
boolean isHstsEnabled()
Check whether HTTP Strict Transport Security (HSTS) is enabled.
boolean getSingleLoginLimitation()
Retrieve the current single-login limitation setting.
RestrictedServiceAgreement getRestrictedServiceAgreement()
Retrieve the current Restricted Service Agreement settings.
IpFw_2_0_0 getIpV6FwSettings()
Retrieve the IPv6 packet filter configuration.
int setBlockSettings(in int blockTimeout, in int maxFailedLogins)
Change the user blocking settings.
int setDefaultAdminAccountPassword(in string password, in boolean disableStrongPasswordReq)
Set the default admin account password and optionally disable strong password requirements.
Security Configuration
Definition: Security.idl:11
valueobject PasswordSettingsChanged
This event is emitted after any of the password settings has been changed.
Definition: Security.idl:113
SSHHostKeyType
Type of SSH host key.
Definition: Security.idl:77
vector< string > newPrivileges
new front panel privileges
Definition: Security.idl:122
valueobject FrontPanelPrivilegesChanged
Front panel privileges have been changed.
Definition: Security.idl:115
RoleAccessPolicy
Role-based access policy.
Definition: Security.idl:36
@ DENY
Access denied.
Definition: Security.idl:38
@ ALLOW
Access granted.
Definition: Security.idl:37
IpfwPolicy
IP packet filter policy.
Definition: Security.idl:14
@ REJECT
Discard packet, send error response.
Definition: Security.idl:17
@ DROP
Silently discard the packet.
Definition: Security.idl:16
@ ACCEPT
Accept the packet.
Definition: Security.idl:15
SSHKeyFingerprintType
Type of SSH key fingerprint.
Definition: Security.idl:83
IP packet filter configuration.
Definition: Security.idl:27
boolean enabled
true to enable packet filtering
Definition: Security.idl:28
vector< IpfwRule > ruleSetOut
Ordered list of outbound firewall rules.
Definition: Security.idl:32
vector< IpfwRule > ruleSetIn
Ordered list of inbound firewall rules.
Definition: Security.idl:31
IpfwPolicy defaultPolicyOut
The default policy for outbound traffic in case no rule matches.
Definition: Security.idl:30
IpfwPolicy defaultPolicyIn
The default policy for inbound traffic in case no rule matches.
Definition: Security.idl:29
IP packet filter rule.
Definition: Security.idl:21
IpfwPolicy policy
Filter policy.
Definition: Security.idl:23
string ipMask
Remote IP and network mask.
Definition: Security.idl:22
Password settings.
Definition: Security.idl:57
boolean enableStrongReq
true to enable strong password requirements
Definition: Security.idl:60
boolean enableAging
true to enable password aging
Definition: Security.idl:58
boolean enforceSpecial
Passwords must contain at least one special character.
Definition: Security.idl:66
boolean enforceNumeric
Passwords must contain at least one numeric character.
Definition: Security.idl:65
int pwHistoryDepth
Number of entries in password history.
Definition: Security.idl:67
boolean enforceUpper
Passwords must contain at least one upper case character.
Definition: Security.idl:64
int maxPwLength
Maximum password length.
Definition: Security.idl:62
int agingInterval
Aging interval in days.
Definition: Security.idl:59
boolean enforceLower
Passwords must contain at least one lower case character.
Definition: Security.idl:63
int minPwLength
Minimum password length.
Definition: Security.idl:61
Restricted Service Agreement settings.
Definition: Security.idl:103
string banner
Restricted Service Agreement Banner.
Definition: Security.idl:105
boolean enabled
Enforce Restricted Service Agreement.
Definition: Security.idl:104
Role-based access control settings.
Definition: Security.idl:50
RoleAccessPolicy defaultPolicy
Default policy.
Definition: Security.idl:52
boolean enabled
true to enable role-based access control
Definition: Security.idl:51
vector< RoleAccessRule > rules
List of access rules.
Definition: Security.idl:53
Role-based access rule.
Definition: Security.idl:42
RoleAccessPolicy policy
Access policy.
Definition: Security.idl:46
string endIp
End of IP range.
Definition: Security.idl:44
int roleId
Role id.
Definition: Security.idl:45
string startIp
Start of IP range.
Definition: Security.idl:43
SSH host keys.
Definition: Security.idl:96
string key
Public key.
Definition: Security.idl:97
vector< SSHKeyFingerprint > fingerprints
Fingerprints of public key.
Definition: Security.idl:99
SSHHostKeyType type
Type of public key.
Definition: Security.idl:98
Fingerprints of SSH host key.
Definition: Security.idl:90
SSHKeyFingerprintType type
Type of fingerprint.
Definition: Security.idl:92
string fingerprint
Fingerprint of SSH key.
Definition: Security.idl:91
SSH authentication settings.
Definition: Security.idl:71
boolean allowPasswordAuth
Allow password authentication.
Definition: Security.idl:72
boolean allowPublicKeyAuth
Allow public key authentication.
Definition: Security.idl:73
Security configuration. This structure is deprecated and will be removed in V3.0; use concrete getters...
Definition: Security.idl:134
boolean singleLogin
true to enable single login limitation
Definition: Security.idl:144
boolean http2httpsRedir
true to enable HTTP-to-HTTPS redirection
Definition: Security.idl:135
int userMaxFailedLogins
Maximum number of failed logins before blocking a user.
Definition: Security.idl:137
int idleTimeout
Session idle timeout in minutes.
Definition: Security.idl:143
PasswordSettings pwSettings
Password settings.
Definition: Security.idl:142
RoleAccessControl roleAccessControl
Role-based access control settings.
Definition: Security.idl:140
IpFw_2_0_0 ipV6Fw
IPv6 packet filter configuration.
Definition: Security.idl:139
SSHSettings sshSettings
SSH authentication settings.
Definition: Security.idl:145
IpFw_2_0_0 ipFw
IP packet filter configuration.
Definition: Security.idl:138
RoleAccessControl roleAccessControlV6
Role-based access control settings for IPv6.
Definition: Security.idl:141
int userBlockTimeout
User blocking timeout in minutes.
Definition: Security.idl:136