Cisco Cisco Prime Optical 10.3 Developer's Guide
Cisco Prime Optical 10.3 GateWay/CORBA Programmer Reference Guide
637
call to the NMS session interface, which forces the OSS client applications to
modify their shutdown application. This is not the preferred method.
modify their shutdown application. This is not the preferred method.
The GateWay/CORBA service clears the user session information from its
internal memory and database.
6.5 Unsupported Events
The Events with INDETERMINATE severity that are reported in the Alarm Log Browser of the
Managed Element in Cisco Prime Optical are not moved to the external OSS clients through the
CORBA Gateway.
Managed Element in Cisco Prime Optical are not moved to the external OSS clients through the
CORBA Gateway.
The severity of the Performance Monitoring Threshold Crossing Alerts (TCAs) are always set to
6.6 Using Encryption Between the OSS Client and GateWay/CORBA
Prime Optical uses improved encryption of usernames and passwords for network security. You
can set the Control Panel to send encrypted usernames and passwords to GateWay/CORBA:
can set the Control Panel to send encrypted usernames and passwords to GateWay/CORBA:
Step 1
Log into the Prime Optical client with administrator privileges.
Step 2
In the Domain Explorer window, choose Administration > Control Panel.
Step 3
Click the GateWay/CORBA Service tab for the GateWay/CORBA Service property
sheet.
sheet.
Step 4
Click the Global tab and check the Enable Encryption for Username and
Password check box.
Password check box.
Step 5
Click Save; then, click Yes in the confirmation dialog box. Changes take effect
immediately.
immediately.
If the OSS clients enable the encryption feature, they must provide implementation for RSA-
based encryption by retrieving the RSA public key or the public key pair from
GateWay/CORBA and by using cryptographic libraries.
• To obtain the RSA public key from Prime Optical, use the
based encryption by retrieving the RSA public key or the public key pair from
GateWay/CORBA and by using cryptographic libraries.
• To obtain the RSA public key from Prime Optical, use the
emsSessionFactory::EmsSessionFactory_I:: getEmsPublicKey API. See
• To obtain the RSA public key pair from Prime Optical, use the
emsSessionFactory::EmsSessionFactory_I:: getEmsPublicKeyPair API. See
Prime Optical uses a 512-bit (64-byte) key size and returns the string representation of the RSA
public key or public key pair, encoded in the Base64 encoding scheme. OSS clients should use
Base64 decoders to decode the public key and get the byte[] of the public key from the decoded
public key string. The byte[] corresponding to the public key represents the key in its primary
encoded format (X.509 SubjectPublicKeyInfo). Using this byte[] and cryptographic libraries, the
RSA public key can be created.
One example of the security provider is Bouncy Castle Provider.
Use the public key to encrypt the username and password. Before passing the encrypted
username and password to Prime Optical for login, OSS clients should encode the encrypted
public key or public key pair, encoded in the Base64 encoding scheme. OSS clients should use
Base64 decoders to decode the public key and get the byte[] of the public key from the decoded
public key string. The byte[] corresponding to the public key represents the key in its primary
encoded format (X.509 SubjectPublicKeyInfo). Using this byte[] and cryptographic libraries, the
RSA public key can be created.
One example of the security provider is Bouncy Castle Provider.
Use the public key to encrypt the username and password. Before passing the encrypted
username and password to Prime Optical for login, OSS clients should encode the encrypted