Previous section.

DCE 1.1: Authentication and Security Services
Copyright © 1997 The Open Group

NAME

sec_login_newgroups-Restrict group membership information of a login context

SYNOPSIS

#include <dce/sec_login.h>

boolean32 sec_login_newgroups (
    sec_login_handle_t login_context,
    sec_login_flags_t flags,
    unsigned32 count,
    sec_id_t groups[],
    sec_login_handle_t *restricted_login_context,
    error_status_t *status );

PARAMETERS

Input

login_context

Login context whose group membership information is to be changed.

flags

Flag word indicating attributes of the modified login context.

count

Number of local groups in the array groups.

groups[]

Array of groups to include in the modified login context.

Output

restricted_login_context

The restricted login context.

status

The completion status.

DESCRIPTION

The sec_login_newgroups() routine restricts the group membership information of a (validated) login context, to, effectively, the intersection of its existing group membership information and the information supplied in the groups array. Thus, groups can be viewed as the maximum group membership privilege that will be claimed by an RPC annotated (see rpc_binding_set_auth_info()) with the restricted login context.

The restricted login context remains validated.

RETURN VALUES

This routine returns non-0 (TRUE) upon success, 0 (FALSE) upon failure.

ERRORS

error_status_ok

sec_login_s_auth_local

sec_login_s_default_use

sec_login_s_groupset_invalid

SEE ALSO

Functions: sec_login_get_groups().
Please note that the html version of this specification may contain formatting aberrations. The definitive version is available as an electronic publication on CD-ROM from The Open Group.

Contents Next section Index