DCE_SECURITY, API Routines, sec_cred_get_delegate
*Conan The Librarian (sorry for the slow response - running on an old VAX)
|
VMS Help DCE_SECURITY, API Routines, sec_cred_get_delegate *Conan The Librarian (sorry for the slow response - running on an old VAX) |
|
NAME
sec_cred_get_delegate - Returns a handle to the privilege attributes
of an intermediary in a delegation chain
SYNOPSIS
#include <dce/sec_cred.h>
sec_cred_pa_handle_t sec_cred_get_delegate(
rpc_authz_cred_handle_t callers_identity,
sec_cred_cursor_t *cursor,
error_status_t *status);
PARAMETERS
Input
callers_identity
A handle of type rpc_authz_cred_handle_t. This handle is supplied
as output of the rpc_binding_inq_auth_caller() call.
Input/Output
cursor
As input, a pointer to a cursor of type sec_cred_cursor_t that has
been initialized by the sec_cred_initialize_cursor() call. As an
output parameter, cursor is a pointer to a cursor of type
sec_attr_srch_cursor_t that is positioned past the principal whose
privilege attributes have been returned in this call.
Output
status
A pointer to the completion status. On successful completion,
status is assigned error_status_ok.
DESCRIPTION
The sec_cred_get_delegate() routine returns a handle to the the
privilege attributes of an intermediary in a delegation chain that
performed an authenticated RPC operation.
This call is used by servers. Clients use the
sec_login_cred_get_delegate() routine to return the privilege attribute
handle of an intermediary in a delegation chain.
The credential handle identified by callers_identity contains authenti-
cation and authorization information for all delegates in the chain.
This call returns a handle (sec_cred_pa_handle_t) to the privilege
attributes of one of the delegates in the binding handle. The
sec_cred_pa_handle_t returned by this call is used in other
sec_cred_get... calls to obtain privilege attribute information for a
single delegate.
To obtain the privilege attributes of each delegate in the credential
handle identified by callers_identity, execute this call until the
message sec_cred_s_no_more_entries is returned.
Before you execute sec_cred_get_delegate(), you must execute:
+ An rpc_binding_inq_auth_caller() call to obtain an
rpc_authz_cred_handle_t for the callers_identity parameter.
+ A sec_cred_initialize_cursor() call to initialize a cursor of type
sec_cred_cursor_t.
Use the sec_cred_free_pa_handle() all to free the resources associated
with the sec_cred_pa_handle_t.
ERRORS
sec_cred_s_invalid_auth_handle
sec_cred_s_invalid_cursor
sec_cred_s_no_more_entries
error_status_ok
RELATED INFORMATION
Functions: sec_intro
rpc_binding_inq_auth_caller
sec_cred_initialize_cursor
sec_cred_get_deleg_restrictions
sec_cred_get_delegation_type
sec_cred_get_extended_attrs
sec_cred_get_opt_restrictions
sec_cred_get_pa_date
sec_cred_get_req_restrictions
sec_cred_get_tgt_restrictions
sec_cred_get_v1_pac
sec_cred_free_pa_handle
|
|
