sec_cred_get_delegate- Returns a handle to the privilege attributes of an intermediary in a delegation chain
#include <dce/sec_cred.h> sec_cred_pa_handle_t sec_cred_get_delegate ( rpc_authz_cred_handle_t callers_identity, sec_cred_cursor_t *cursor, error_status_t *status );
Input
- callers_identity
A handle of type rpc_authz_cred_handle_t. This handle is supplied as output of the rpc_binding_inq_auth_caller() call.
Input/Output
- cursor
As input, a pointer to a cursor of type sec_cred_cursor_t that has been initialized by the sec_cred_initialize_cursor() call. As an output argument, cursor is a pointer to a cursor of type sec_attr_srch_cursor_t that is positioned past the principal whose privilege attributes have been returned in this call.
Output
- status
A pointer to the completion status. On successful completion, status is assigned error_status_ok.
Thesec_cred_get_delegate() routine returns a handle to the the privilege attributes of an intermediary in a delegation chain that performed an authenticated RPC operation.This call is used by servers. Clients use the
sec_login_cred_get_delegate() routine to return the privilege attribute handle of an intermediary in a delegation chain.The credential handle identified by callers_identity contains authentication and authorization information for all delegates in the chain. This call returns a handle (sec_cred_pa_handle_t) to the privilege attributes of one of the delegates in the binding handle. The sec_cred_pa_handle_t returned by this call is used in other
sec_cred_get_*() calls to obtain privilege attribute information for a single delegate.To obtain the privilege attributes of each delegate in the credential handle identified by callers_identity, execute this call until the message sec_cred_s_no_more_entries is returned.
Before you execute
sec_cred_get_delegate() , you must execute
- An
rpc_binding_inq_auth_caller() call to obtain an rpc_authz_cred_handle_t for the callers_identity argument.
- A
sec_cred_initialize_cursor() call to initialize a cursor of type sec_cred_cursor_t.
Use the sec_cred_free_pa_handle() call to free the resources associated with the sec_cred_pa_handle_t.
- /usr/include/dce/sec_cred.idl
The idl file from which dce/sec_cred.h was derived.
- sec_cred_s_invalid_auth_handle
- sec_cred_s_invalid_cursor
- sec_cred_s_no_more_entries
- error_status_ok
Functions:rpc_binding_inq_auth_caller() ,sec_cred_free_pa_handle() ,sec_cred_get_deleg_restrictions() ,sec_cred_get_delegation_typ() ,sec_cred_get_extended_attrs() ,sec_cred_get_opt_restrictions() ,sec_cred_get_pa_date() ,sec_cred_get_req_restrictions() ,sec_cred_get_tgt_restrictions() ,sec_cred_get_v1_pac() ,sec_cred_initialize_cursor() .
Contents | Next section | Index |