NAME

rpc_binding_set_auth_info- sets authentication, authorisation and protection-level information for a binding handle

SYNOPSIS

#include <dce/rpc.h>
#include <dce/sec_login.h>

void rpc_binding_set_auth_info(
	rpc_binding_handle_t binding,
	unsigned_char_t *server_princ_name,
	unsigned32 protect_level,
	unsigned32 authn_svc,
	rpc_auth_identity_handle_t auth_identity,
	unsigned32 authz_svc,
	unsigned32 *status);

PARAMETERS

Input

binding

Specifies the server binding handle for which to set the authentication, authorisation and protection-level information.

server_princ_name

Specifies a principal name for the server referenced by binding. The content and syntax of this name depend on the value of authn_svc. (See Authentication, Authorisation and Protection-level Arguments for authentication service-specific syntax.)

Note:

An application can call the rpc_mgmt_inq_server_princ_name() routine to obtain the principal name of a server that is registered for the required authentication service. (See tagmref_rpc_mgmt_inq_server_princ_name for details.)

protect_level

Specifies the protection level for remote procedure calls made using binding. The protection level determines the degree to which authenticated communications between the client and the server are protected. (See Authentication, Authorisation and Protection-level Arguments for possible values of this argument.)

authn_svc

Specifies the authentication service to use for calls made on binding. (See Authentication, Authorisation and Protection-level Arguments for possible values of this argument.)

auth_identity

Specifies a handle for a data structure that contains the client's authentication and authorisation credentials. The data type of this structure depends on the values of authn_svc and authz_svc. (See Authentication, Authorisation and Protection-level Arguments for information on the service-specific data types.)

Specify NULL to use the default security login context for the current address space. The default is the context in effect at the time of the call to rpc_binding_set_auth_info(). For information on how the default security login context is established, you can refer to the DCE: Security Services specification when it becomes available.

authz_svc

Specifies the authorisation service to be used for calls made on binding. (See Authentication, Authorisation and Protection-level Arguments for possible values of this argument.)

Output

status

Returns the status code from this routine. The status code indicates whether the routine completed successfully, or if not, why not.

Possible status codes and their meanings include:

rpc_s_ok

Success.

rpc_s_unknown_authn_service

Unknown authentication service.

rpc_s_authn_authz_mismatch

The requested authorisation service is not supported by the requested authentication service.

rpc_s_unsupported_protect_level

The requested protection level is not supported and could not be upgraded to a higher supported level.

rpc_s_mgmt_op_disallowed

Management operation disallowed.

DESCRIPTION

The rpc_binding_set_auth_info() routine sets authentication, authorisation and protection-level information for the server binding handle, binding. A client application that wants to make authenticated remote procedure calls first calls this routine. Any RPC calls subsequently made on binding will be authenticated according to the information set by this call. If a client application has not called rpc_binding_set_auth_info() for a binding, remote procedure calls made on that binding are unauthenticated.

Note that the value of protect_level actually set for binding depends on the protection levels supported by the implementation. The value set may be higher than the level requested. When an application requests a protection level that is not supported, the RPC run-time system attempts to upgrade the protection level to the next highest supported level. When it succeeds, the binding will be given a higher protection level than the one requested. Authentication, Authorisation and Protection-level Arguments gives the canonical ordering of protect_level values from lowest to highest. Applications can call the routine rpc_binding_inq_auth_info() to discover the protection level actually set.

To find the authentication, authorisation and protection-level information set for a binding handle, applications call rpc_binding_inq_auth_info().

RETURN VALUE

None.

SEE ALSO

rpc_binding_inq_auth_caller()
rpc_binding_inq_auth_info()
rpc_mgmt_inq_server_princ_name().

Please note that the html version of this specification may contain formatting aberrations. The definitive version is available as an electronic publication on CD-ROM from The Open Group.