sec_cred_get_authz_session_info(3sec) — Subroutines
NAME
sec_cred_get_authz_session_info — Returns session-specific information that represents an authenticated client’s credentials
Synopsis
void sec_cred_get_authz_session_info(
rpc_authz_cred_handle_t callers_identity,
uuid_t ∗session_id,
sec_timeval_t ∗session_expiration,
error_status_t ∗status);
Parameters
Input
callers_identity
A credential handle of type rpc_authz_cred_handle_t. This handle is supplied as output of the rpc_binding_inq_auth_caller() call.
Output
session_ID
A pointer to a uuid_t that identifies the client’s DCE authorization session.
session_expiration
A pointer to a sec_timeval_t that specifies the expiration time of the authenticated client’s credentials.
statusA pointer to the completion status. On successful completion, status is assigned error_status_ok. Otherwise, it returns an error.
Description
The sec_cred_get_authz_session_info() routine retrieves session-specific information that represents the credentials of authenticated client specified by callers_identity. If the client is a member of a delegation chain, the information represents the credentials of all members of the chain.
The information can aid application servers in the construction of identity-based caches. For example, it could be used as a key into a cache of previously allocated delegation contexts and thus avoid the overhead of allocating a new login context on every remote operation. It could also be used as a key into a table of previously computed authorization decisions.
Before you execute this call, you must execute an rpc_binding_inq_auth_caller() call to obtain an rpc_authz_cred_handle_t for the callers_identity parameter.
Errors
The following describes a partial list of errors that might be returned. Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages.
sec_cred_s_authz_cannot_comply
error_status_ok
Related Information
Functions: rpc_binding_inq_auth_caller(rpc), sec_intro(3sec).