68 lines
3.1 KiB
Plaintext
68 lines
3.1 KiB
Plaintext
// Copyright (c) 2010 DMTF. All rights reserved.
|
|
[Version ( "2.27.0" ),
|
|
UMLPackagePath ( "CIM::User::SharedCredential" ),
|
|
Description (
|
|
"SharedCredential is a secret (such as a password or the "
|
|
"response to a challenge question) that is shared between a "
|
|
"principal and a particular SharedCredential security service. "
|
|
"Secrets may be in the form of a password used for initial "
|
|
"authentication, or as with a session key, used as part of a "
|
|
"message to verify the originator of the message. It is "
|
|
"important to note that SharedCredential is not just a "
|
|
"password, but rather is the password used with a particular "
|
|
"security service." )]
|
|
class CIM_SharedCredential : CIM_Credential {
|
|
|
|
[Key, Override ( "InstanceID" ),
|
|
Description (
|
|
"Within the scope of the instantiating Namespace, "
|
|
"InstanceID opaquely and uniquely identifies an instance "
|
|
"of this class. In order to ensure uniqueness within the "
|
|
"NameSpace, the value of InstanceID SHOULD be constructed "
|
|
"using the following \'preferred\' algorithm: \n"
|
|
"<OrgID>:<LocalID> \n"
|
|
"Where <OrgID> and <LocalID> are separated by a colon "
|
|
"\':\', and where <OrgID> MUST include a copyrighted, "
|
|
"trademarked or otherwise unique name that is owned by "
|
|
"the business entity creating/defining the InstanceID, or "
|
|
"is a registered ID that is assigned to the business "
|
|
"entity by a recognized global authority. (This is "
|
|
"similar to the <Schema Name>_<Class Name> structure of "
|
|
"Schema class names.) In addition, to ensure uniqueness, "
|
|
"<OrgID> MUST NOT contain a colon (\':\'). When using "
|
|
"this algorithm, the first colon to appear in InstanceID "
|
|
"MUST appear between <OrgID> and <LocalID>. \n"
|
|
"<LocalID> is chosen by the organizational entity and "
|
|
"SHOULD not be re-used to identify different underlying "
|
|
"(real-world) elements. If the above \'preferred\' "
|
|
"algorithm is not used, the defining entity MUST assure "
|
|
"that the resultant InstanceID is not re-used across any "
|
|
"InstanceIDs produced by this or other providers for this "
|
|
"instance\'s NameSpace. \n"
|
|
"For DMTF defined instances, the \'preferred\' algorithm "
|
|
"MUST be used with the <OrgID> set to \'CIM\'." )]
|
|
string InstanceID;
|
|
|
|
[Description (
|
|
"RemoteID is the name by which the principal is known at "
|
|
"the remote secret key authentication service." ),
|
|
MaxLen ( 256 )]
|
|
string RemoteID;
|
|
|
|
[Description ( "The secret known by the principal." )]
|
|
string Secret;
|
|
|
|
[Description (
|
|
"The transformation algorithm, if any, used to protect "
|
|
"passwords before use in the protocol. For instance, "
|
|
"Kerberos doesn\'t store passwords as the shared secret, "
|
|
"but rather, a hash of the password." )]
|
|
string Algorithm;
|
|
|
|
[Description (
|
|
"The protocol with which the SharedCredential is used." )]
|
|
string Protocol;
|
|
|
|
|
|
};
|