Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ sec_login_become_impersonator(3sec) — DCE 3.1

Media Vault

Software Library

Restoration Projects

Artifacts Sought

sec_login_become_impersonator(3sec)  —  Subroutines

NAME

sec_login_become_impersonator — Used by a server to create a login context and assoicated handle that impersonates the identity of a caller

Synopsis

sec_login_handle_t sec_login_become_impersonator(
rpc_authz_cred_handle_t callers_identity,
sec_login_handle_t my_login_context,
sec_id_delegation_type_t delegation_type_permitted,
sec_id_restriction_set_t ∗delegate_restrictions,
sec_id_restriction_set_t ∗target_restrictions,
sec_id_opt_req_t ∗optional_restrictions,
sec_id_opt_req_t ∗required_restrictions,
error_status_t ∗status);

Description

The sec_login_become_impersonator() is used by intermediate servers to become an impersonator for the client identified by callers_identity.  The routine returns a new login context (of type sec_login_handle_t) that carries delegation information.  This information includes the delegation type, delegate, and target restrictions, and any application-defined optional and required restrictions. 

The new login context created by this call can then used to to set up authenticated rpc with an intermediate or target server using the rpc_binding_set_auth_info() call. 

The effective optional and required restrictions are the union of the optional and required restrictions specified in this call and specified by the initiating client and any intermediate clients.  The effective target and delegate restrictions are the intersection of the target and delegate restrictions specified in this call and specified by the initiating client and any intermediate clients. 

The sec_login_become_impersonator call is run only if the initiating client enabled simple delegation by setting the delegation_type_permitted parameter in the sec_login_become_initiator call to sec_id_deleg_type_simple. 

Files

/usr/include/dce/sec_login.idl
The idl file from which dce/sec_login.h was derived. 

Errors

The following describes a partial list of errors that might be returned.  Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages. 

err_sec_login_invalid_delegate_restriction

err_sec_login_invalid_target_restriction

err_sec_login_invalid_opt_restriction

err_sec_login_invalid_req_restriction

sec_login_s_invalid_deleg_type

sec_login_s_invalid_compat_mode

sec_login_s_deleg_not_enabled

error_status_ok

Related Information

Functions: rpc_binding_inq_auth_caller(3rpc), sec_intro(3sec), sec_login_become_initiator(3sec). 

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026