Solution security policy in the ping example

The solution security policy in this example allows you to start all entities, and allows any entity to query the Core and Server entities. Calls to Server entity methods are controlled using flow class security policies (finite-state machine model).

The finite-state machine described in the request_state object configuration has two states: ping_next and pong_next. The initial state is ping_next. Only transitions from ping_next to pong_next and the reverse are allowed.

When the Ping and Pong methods are called, the current state of the request_state object is checked. In the ping_next state, only a Ping call is allowed, in which case the state changes to pong_next. Likewise, in the pong_next state, only a Pong call is allowed, in which case the state changes to ping_next.

Therefore, the Ping and Pong methods can be called only in succession.

security.psl

/* Solution security policy for demonstrating use of the "flow" class in the "ping" example. */

/* Imports a file containing a declaration of aliases of basic policies
   and a file containing a declaration of the "flow" policy class (finite-state machine). */
use nk.base._
use nk.flow._

/* Creates a "Flow" class object. Name of the new object: request_state. */
policy object request_state : Flow {
    type States = "ping_next" | "pong_next"
    config = {
        states : ["ping_next" , "pong_next"],
        initial : "ping_next",
        transitions : {
            "ping_next" : ["pong_next"],
            "pong_next" : ["ping_next"]
        }
    }
}

/* Startup of entities is allowed. */
execute {
    grant ()
}

/* Request messages are allowed. */
request {
    grant ()
}

/* Response messages are allowed. */
response {
    grant ()
}

/* Declaration of entities. */
use EDL kl.core.Core
use EDL Client
use EDL Server
use EDL Einit

/* When the Server entity is started, switch the request_state to its initial state. */
execute dst=Server {
    request_state.init {sid: dst_sid}
}

/* When the Ping method is called, verify that the "request_state" object has the "ping_next" state.
   If it does, allow the Ping method call and switch the "request_state" object to the "pong_next" state. */
request dst=Server, endpoint=pingComp.pingImpl, method=Ping {
    request_state.allow {sid: dst_sid, states: ["ping_next"]}
    request_state.enter {sid: dst_sid, state: "pong_next"}
}

/* When the Pong method is called, verify that the "request_state" object has the "pong_next" state.
   If it does, allow the Pong method call and switch the "request_state" object to the "ping_next" state. */
request dst=Server, endpoint=pingComp.pingImpl, method=Pong {
    request_state.allow {sid: dst_sid, states: ["pong_next"]}
    request_state.enter {sid: dst_sid, state: "ping_next"}
}
