810 lines
29 KiB
HTML
810 lines
29 KiB
HTML
|
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
||
|
<html>
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
||
|
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
|
||
|
<title>eimGetTargetCredsFromSource()--Get EIM Target Identities and Credentials
|
||
|
from the Source</title>
|
||
|
<!-- Begin header records -->
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<!-- Change History: -->
|
||
|
<!-- YYMMDD USERID Change description -->
|
||
|
<!-- New for V5R4 -->
|
||
|
<!-- End Header Records -->
|
||
|
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
|
||
|
</head>
|
||
|
<body>
|
||
|
<!--Java sync-link-->
|
||
|
<script type="text/javascript" language="javascript" src="../rzahg/synch.js">
|
||
|
</script>
|
||
|
|
||
|
<a name="Top_Of_Page"></a>
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- -->
|
||
|
<!-- -->
|
||
|
<!-- ============================================================== -->
|
||
|
|
||
|
|
||
|
<h2><img src="delta.gif" alt="Start of change">eimGetTargetCredsFromSource() --Get
|
||
|
EIM Target Identities and Credentials from the Source</h2>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- -->
|
||
|
<!-- S Y N T A X / P A R M T A B L E -->
|
||
|
<!-- -->
|
||
|
<!-- ============================================================== -->
|
||
|
<div class="box" style="width: 80%;">
|
||
|
<br>
|
||
|
Syntax
|
||
|
|
||
|
<pre>
|
||
|
#include <eim.h>
|
||
|
|
||
|
int eimGetTargetCredsFromSource(EimHandle * <em>eim</em>,
|
||
|
char * <em>sourceRegistryName</em>,
|
||
|
char * <em>sourceRegistryUserName</em>,
|
||
|
char * <em>targetRegistryName</em>,
|
||
|
char * <em>additionalInformation</em>,
|
||
|
unsigned int <em>lengthOfListData</em>,
|
||
|
EimList * <em>listData</em>,
|
||
|
EimRC * <em>eimrc</em>)
|
||
|
|
||
|
|
||
|
</pre>
|
||
|
|
||
|
Service Program Name: QSYS/QSYEIM <br>
|
||
|
<!-- iddvc RMBR -->
|
||
|
<br>
|
||
|
Default Public Authority: *USE<br>
|
||
|
<!-- iddvc RMBR -->
|
||
|
<br>
|
||
|
Threadsafe: Yes<br>
|
||
|
<!-- iddvc RMBR -->
|
||
|
<br>
|
||
|
</div>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- -->
|
||
|
<!-- D E S C R I P T I O N -->
|
||
|
<!-- -->
|
||
|
<!-- ============================================================== -->
|
||
|
<p>The <strong>eimGetTargetCredsFromSource()</strong> function gets the target
|
||
|
identity(ies) and credentials associated with the source identity as defined
|
||
|
by source registry
|
||
|
name and source registry user. This is known as a mapping lookup operation --
|
||
|
from the known source information return the user for this target registry.</p>
|
||
|
<p>
|
||
|
EIM version 3 must be supported by the local EIM APIs to use this API
|
||
|
(see <a href="eimgetversion.htm">eimGetVersion()</a>--Get EIM Version).
|
||
|
</p>
|
||
|
|
||
|
<p>
|
||
|
See <a href="eimmappinglookup.htm">EIM Mapping Lookup Algorithm</a>
|
||
|
for the steps involved in a mapping lookup operation.
|
||
|
</p>
|
||
|
|
||
|
|
||
|
<br>
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- -->
|
||
|
<!-- A U T H O R I T I E S A N D L O C K S -->
|
||
|
<!-- -->
|
||
|
<!-- ============================================================== -->
|
||
|
|
||
|
<h3>Authorities and Locks</h3>
|
||
|
|
||
|
<dl>
|
||
|
<dt><em>EIM Data</em></dt>
|
||
|
|
||
|
<dd>Access to EIM data is controlled by EIM access groups. LDAP administrators
|
||
|
also have access to EIM data. The access groups whose members have authority to
|
||
|
the mapping lookup data for this API follow:
|
||
|
|
||
|
<ul>
|
||
|
<li>EIM Administrator</li>
|
||
|
|
||
|
<li>EIM Registries Administrator</li>
|
||
|
|
||
|
<li>EIM Identifiers Administrator</li>
|
||
|
|
||
|
<li>EIM Mapping Lookup</li>
|
||
|
|
||
|
<li>EIM authority to an individual registry</li>
|
||
|
</ul>
|
||
|
|
||
|
<p>The list returned contains only the information that the user has authority
|
||
|
to access.</p>
|
||
|
|
||
|
<p>The credential information for the target identity is considered security
|
||
|
sensitive data. Access to this data is more strictly controlled.
|
||
|
The access groups whose members have authority to
|
||
|
the credential information for the target identity follow:</p>
|
||
|
|
||
|
<ul>
|
||
|
<li>EIM Administrator</li>
|
||
|
|
||
|
<li>EIM Credential Data</li>
|
||
|
|
||
|
<li>EIM authority to an individual registry</li>
|
||
|
</ul>
|
||
|
<p>Note that the EIM Credential Data access group does not have access to the
|
||
|
mapping lookup data. If a user is a member of the EIM Credential Data
|
||
|
access group, then the
|
||
|
user must also be a member of one of the access groups that has access to
|
||
|
the mapping lookup data.</p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
|
||
|
<br>
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- -->
|
||
|
<!-- P A R A M E T E R S -->
|
||
|
<!-- -->
|
||
|
<!-- ============================================================== -->
|
||
|
|
||
|
<h3>Parameters</h3>
|
||
|
|
||
|
<dl><!-- ============================================================== -->
|
||
|
<!-- eim -->
|
||
|
<!-- ============================================================== -->
|
||
|
<dt><strong>eim</strong> (Input)</dt>
|
||
|
|
||
|
<dd>The EIM handle returned by a previous call to eimCreateHandle(). A valid
|
||
|
connection is required for this function.<br>
|
||
|
<br>
|
||
|
</dd>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- sourceRegistryName -->
|
||
|
<!-- ============================================================== -->
|
||
|
<dt><strong>sourceRegistryName</strong> (Input)</dt>
|
||
|
|
||
|
<dd>The source registry for this lookup operation.<br>
|
||
|
<br>
|
||
|
</dd>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- sourceRegistryUserName -->
|
||
|
<!-- ============================================================== -->
|
||
|
<dt><strong>sourceRegistryUserName</strong> (Input)</dt>
|
||
|
|
||
|
<dd>The source user name for this lookup operation.<br>
|
||
|
<br>
|
||
|
</dd>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- targetRegistryName -->
|
||
|
<!-- ============================================================== -->
|
||
|
<dt><strong>targetRegistryName</strong> (Input)</dt>
|
||
|
|
||
|
<dd>The target registry for this lookup operation.
|
||
|
|
||
|
A NULL parameter indicates that the <samp>localRegistry</samp>
|
||
|
set by the eimSetConfiguration() API or the
|
||
|
eimSetConfigurationExt() API should be used.
|
||
|
|
||
|
<br>
|
||
|
<br>
|
||
|
</dd>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- additionalInfo -->
|
||
|
<!-- ============================================================== -->
|
||
|
<dt><strong>additionalInfo</strong> (Input)</dt>
|
||
|
|
||
|
<dd>Additional information that will be used as selection criteria for this
|
||
|
operation. This may be NULL. This filter data may contain the wild card
|
||
|
char(*).<br>
|
||
|
<br>
|
||
|
</dd>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- lengthOfListData -->
|
||
|
<!-- ============================================================== -->
|
||
|
<dt><strong>lengthOfListData</strong> (Input)</dt>
|
||
|
|
||
|
<dd>The number of bytes provided by the caller for the <em>listData</em>
|
||
|
parameter. The minimum size required is 20 bytes</dd>
|
||
|
|
||
|
<dd><br>
|
||
|
<br>
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- listData -->
|
||
|
<!-- ============================================================== -->
|
||
|
</dd>
|
||
|
|
||
|
<dt><strong>listData</strong> (Output)</dt>
|
||
|
|
||
|
<dd>A pointer to the EimList structure.
|
||
|
|
||
|
<p>The EimList structure contains information about the returned data. The API
|
||
|
will return as much data as space has been provided. The data returned is a
|
||
|
linked list of EimTargetIdentity structures. firstEntry is used to get to the
|
||
|
first EimTargetIdentity structure in the linked list. Each EimTargetIdentity
|
||
|
entry contains a user name returned by this lookup operation.</p>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- -->
|
||
|
<!-- EimList -->
|
||
|
<!-- ============================================================== -->
|
||
|
<p>EimList structure:</p>
|
||
|
|
||
|
<pre>
|
||
|
typedef struct EimList
|
||
|
{
|
||
|
unsigned int bytesReturned; /* Number of bytes actually returned
|
||
|
by the API */
|
||
|
unsigned int bytesAvailable; /* Number of bytes of available data
|
||
|
that could have been returned by
|
||
|
the API */
|
||
|
unsigned int entriesReturned; /* Number of entries actually
|
||
|
returned by the API */
|
||
|
unsigned int entriesAvailable; /* Number of entries available to be
|
||
|
returned by the API */
|
||
|
unsigned int firstEntry; /* Displacement to the first linked
|
||
|
list entry. This byte offset is
|
||
|
relative to the start of the
|
||
|
EimList structure. */
|
||
|
} EimList;
|
||
|
</pre>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- EimTargetIdentity -->
|
||
|
<!-- ============================================================== -->
|
||
|
<p>EimTargetIdentity structure:</p>
|
||
|
|
||
|
<pre>
|
||
|
typedef struct EimTargetIdentity
|
||
|
{
|
||
|
unsigned int nextEntry; /* Displacement to next entry. This
|
||
|
byte offset is relative to the
|
||
|
start of this structure */
|
||
|
EimListData userName; /* User name */
|
||
|
enum EimAssociationType type; /* Association type */
|
||
|
EimListData sourceGroupRegistry;/* Source group registry name */
|
||
|
EimListData targetGroupRegistry;/* Target group registry name */
|
||
|
EimSubList credentialInfo; /* EimCredentialInfo sublist */
|
||
|
} EimTargetIdentity;
|
||
|
</pre>
|
||
|
|
||
|
<p>
|
||
|
The <em>sourceGroupRegistry</em> will be returned if the target identity
|
||
|
was found using a source association to a group registry. The
|
||
|
<em>targetGroupRegistry</em> will be returned if the target identity
|
||
|
was found using a target association to a group registry.</p>
|
||
|
<p>
|
||
|
Target identities may have several types of credentials. In the
|
||
|
EimTargetIdentity structure, credentialInfo gives addressability to the first
|
||
|
EimCredentialInfo structure that contains a linked list of credentials.
|
||
|
</p>
|
||
|
<p>
|
||
|
If there is credential information for the target identity, but the caller
|
||
|
is not authorized to access the credential information or the
|
||
|
credential data is not enabled, the
|
||
|
EimCredentialInfo structure will be returned with the <em>type</em> and
|
||
|
<em>status</em> fields filled in. The <em>data</em> field will not be
|
||
|
returned (<em>length</em> and <em>disp</em> will be 0). If there is no
|
||
|
credential information, the EimCredentialInfo structure will not be
|
||
|
returned in the <em>credentialInfo</em> sublist.
|
||
|
</p>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- EimCredentialInfo -->
|
||
|
<!-- ============================================================== -->
|
||
|
<p>EimCredentialInfo structure:</p>
|
||
|
|
||
|
<pre>
|
||
|
typedef struct EimCredentialInfo
|
||
|
{
|
||
|
unsigned int nextEntry; /* Displacement to next entry. This
|
||
|
byte offset is relative to the
|
||
|
start of this structure. */
|
||
|
enum EimCredentialType type; /* Credential type */
|
||
|
enum EimStatus status; /* Credential status
|
||
|
0 = not enabled
|
||
|
1 = enabled */
|
||
|
EimListData data; /* Credential data */
|
||
|
} EimCredentialInfo;
|
||
|
</pre>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- EimSubList -->
|
||
|
<!-- ============================================================== -->
|
||
|
<p>EimSubList structure:</p>
|
||
|
|
||
|
<pre>
|
||
|
typedef struct EimSubList
|
||
|
{
|
||
|
unsigned int listNum; /* Number of entries in the list */
|
||
|
unsigned int disp; /* Displacement to sublist. This
|
||
|
byte offset is relative to the
|
||
|
start of the parent structure;
|
||
|
that is, the structure containing
|
||
|
this structure. */
|
||
|
} EimSubList;
|
||
|
</pre>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- EimListData -->
|
||
|
<!-- ============================================================== -->
|
||
|
<p>EimListData structure:</p>
|
||
|
|
||
|
<pre>
|
||
|
typedef struct EimListData
|
||
|
{
|
||
|
unsigned int length; /* Length of data */
|
||
|
unsigned int disp; /* Displacement to data. This byte
|
||
|
offset is relative to the start of
|
||
|
the parent structure; that is, the
|
||
|
structure containing this
|
||
|
structure. */
|
||
|
} EimListData;
|
||
|
</pre>
|
||
|
</dd>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- eimrc -->
|
||
|
<!-- ============================================================== -->
|
||
|
<dt><strong>eimrc</strong> (Input/Output)</dt>
|
||
|
|
||
|
<dd>The structure in which to return error code information. If the return
|
||
|
value is not 0, eimrc is set with additional information. This parameter may be
|
||
|
NULL. For the format of the structure, see <a href="eimrc.htm">EimRC--EIM
|
||
|
Return Code Parameter</a>.</dd>
|
||
|
|
||
|
<dd><br>
|
||
|
<br>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<br>
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- -->
|
||
|
<!-- R E T U R N V A L U E -->
|
||
|
<!-- -->
|
||
|
<!-- ============================================================== -->
|
||
|
<h3>Return Value</h3>
|
||
|
|
||
|
<p>The return value from the API. Following each return value is the list of
|
||
|
possible values for the <samp>messageCatalogMessageID</samp> field in the
|
||
|
<em>eimrc</em> parameter for that value.</p>
|
||
|
|
||
|
<dl><!-- ============================================================== -->
|
||
|
<!-- 0 -->
|
||
|
<!-- ============================================================== -->
|
||
|
<dt><strong>0</strong></dt>
|
||
|
|
||
|
<dd>Request was successful.<br>
|
||
|
<br>
|
||
|
</dd>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- EACCES -->
|
||
|
<!-- ============================================================== -->
|
||
|
<dt><strong>EACCES</strong></dt>
|
||
|
|
||
|
<dd>Access denied. Not enough permissions to access data.<br>
|
||
|
<br>
|
||
|
<table cellpadding="5">
|
||
|
|
||
|
<tr>
|
||
|
<td align="left" valign="top"><em>EIMERR_ACCESS (1)</em></td>
|
||
|
<td align="left" valign="top">Insufficient access to EIM data.</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
|
||
|
<br>
|
||
|
</dd>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- EBADDATA -->
|
||
|
<!-- ============================================================== -->
|
||
|
<dt><strong>EBADDATA</strong></dt>
|
||
|
|
||
|
<dd>eimrc is not valid.<br>
|
||
|
<br>
|
||
|
</dd>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- EBADNAME -->
|
||
|
<!-- ============================================================== -->
|
||
|
<dt><strong>EBADNAME</strong></dt>
|
||
|
|
||
|
<dd>Registry not found or insufficient access to EIM data.<br>
|
||
|
<br>
|
||
|
<table cellpadding="5">
|
||
|
|
||
|
<tr>
|
||
|
<td align="left" valign="top"><em>EIMERR_NOREG (28)</em></td>
|
||
|
<td align="left" valign="top">EIM Registry not found or insufficient access to
|
||
|
EIM data.</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
|
||
|
<br>
|
||
|
</dd>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- EBUSY -->
|
||
|
<!-- ============================================================== -->
|
||
|
<dt><strong>EBUSY</strong></dt>
|
||
|
|
||
|
<dd>Unable to allocate internal system object.<br>
|
||
|
<br>
|
||
|
<table cellpadding="5">
|
||
|
|
||
|
<tr>
|
||
|
<td align="left" valign="top"><em>EIMERR_NOLOCK (26)</em></td>
|
||
|
<td align="left" valign="top">Unable to allocate internal system object.</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
|
||
|
<br>
|
||
|
</dd>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- ECONVERT -->
|
||
|
<!-- ============================================================== -->
|
||
|
<dt><strong>ECONVERT</strong></dt>
|
||
|
|
||
|
<dd>Data conversion error.<br>
|
||
|
<br>
|
||
|
<table cellpadding="5">
|
||
|
|
||
|
<tr>
|
||
|
<td align="left" valign="top"><em>EIMERR_DATA_CONVERSION (13)</em></td>
|
||
|
<td align="left" valign="top">Error occurred when converting data between code
|
||
|
pages.</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
|
||
|
<br>
|
||
|
</dd>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- EINVAL -->
|
||
|
<!-- ============================================================== -->
|
||
|
<dt><strong>EINVAL</strong></dt>
|
||
|
|
||
|
<dd>Input parameter was not valid.<br>
|
||
|
<br>
|
||
|
<table cellpadding="5">
|
||
|
|
||
|
<tr>
|
||
|
<td align="left" valign="top"><em>EIMERR_EIMLIST_SIZE (16)</em></td>
|
||
|
<td align="left" valign="top">Length of EimList is not valid. EimList must be
|
||
|
at least 20 bytes in length.</td>
|
||
|
</tr>
|
||
|
|
||
|
<tr>
|
||
|
<td align="left" valign="top"><em>EIMERR_HANDLE_INVAL (17)</em></td>
|
||
|
<td align="left" valign="top">EimHandle is not valid.</td>
|
||
|
</tr>
|
||
|
|
||
|
<tr>
|
||
|
<td align="left" valign="top"><em>EIMERR_PARM_REQ (34)</em></td>
|
||
|
<td align="left" valign="top">Missing required parameter. Please check API
|
||
|
documentation.</td>
|
||
|
</tr>
|
||
|
|
||
|
<tr>
|
||
|
<td align="left" valign="top"><em>EIMERR_PTR_INVAL (35)</em></td>
|
||
|
<td align="left" valign="top">Pointer parameter is not valid.</td>
|
||
|
</tr>
|
||
|
|
||
|
<tr>
|
||
|
<td align="left" valign="top"><em>EIMERR_SPACE (41)</em></td>
|
||
|
<td align="left" valign="top">Unexpected error accessing parameter.</td>
|
||
|
</tr>
|
||
|
|
||
|
<tr>
|
||
|
<td align="left" valign="top"><em>EIMERR_FUNCTION_NOT_SUPPORTED (70)</em></td>
|
||
|
<td align="left" valign="top">The specified function is not supported
|
||
|
by the EIM version.</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
|
||
|
<br>
|
||
|
</dd>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- ENOMEM -->
|
||
|
<!-- ============================================================== -->
|
||
|
<dt><strong>ENOMEM</strong></dt>
|
||
|
|
||
|
<dd>Unable to allocate required space.<br>
|
||
|
<br>
|
||
|
<table cellpadding="5">
|
||
|
|
||
|
<tr>
|
||
|
<td align="left" valign="top"><em>EIMERR_NOMEM (27)</em></td>
|
||
|
<td align="left" valign="top">No memory available. Unable to allocate required
|
||
|
space.</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
|
||
|
<br>
|
||
|
</dd>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- ENOTCONN -->
|
||
|
<!-- ============================================================== -->
|
||
|
<dt><strong>ENOTCONN</strong></dt>
|
||
|
|
||
|
<dd>LDAP connection has not been made.<br>
|
||
|
<br>
|
||
|
<table cellpadding="5">
|
||
|
|
||
|
<tr>
|
||
|
<td align="left" valign="top"><em>EIMERR_NOT_CONN (31)</em></td>
|
||
|
<td align="left" valign="top">Not connected to LDAP. Use eimConnect() API and
|
||
|
try the request again.</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
|
||
|
<br>
|
||
|
</dd>
|
||
|
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- EUNKNOWN -->
|
||
|
<!-- ============================================================== -->
|
||
|
<dt><strong>EUNKNOWN</strong></dt>
|
||
|
|
||
|
<dd>Unexpected exception.<br>
|
||
|
<br>
|
||
|
<table cellpadding="5">
|
||
|
|
||
|
<tr>
|
||
|
<td align="left" valign="top"><em>EIMERR_LDAP_ERR (23)</em></td>
|
||
|
<td align="left" valign="top">Unexpected LDAP error. %s</td>
|
||
|
</tr>
|
||
|
|
||
|
<tr>
|
||
|
<td align="left" valign="top"><em>EIMERR_UNEXP_OBJ_VIOLATION (56)</em></td>
|
||
|
<td align="left" valign="top">Unexpected object violation.</td>
|
||
|
</tr>
|
||
|
|
||
|
<tr>
|
||
|
<td align="left" valign="top"><em>EIMERR_UNKNOWN (44)</em></td>
|
||
|
<td align="left" valign="top">Unknown error or unknown system state.</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
|
||
|
<br>
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- -->
|
||
|
<!-- U S A G E N O T E S -->
|
||
|
<!-- -->
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- -->
|
||
|
<!-- R E L A T E D I N F O R M A T I O N -->
|
||
|
<!-- -->
|
||
|
<!-- ============================================================== -->
|
||
|
|
||
|
<h3>Related Information</h3>
|
||
|
|
||
|
<ul>
|
||
|
<li><a href="eimgettgtcredsfromidentifier.htm">eimGetTgtCredsFromIdentifier()</a>
|
||
|
--Get EIM Target Identities and Credentials from the Identifier<br>
|
||
|
<br>
|
||
|
</li>
|
||
|
</ul>
|
||
|
|
||
|
<br>
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- -->
|
||
|
<!-- E X A M P L E -->
|
||
|
<!-- -->
|
||
|
<!-- ============================================================== -->
|
||
|
|
||
|
<h3>Example</h3>
|
||
|
<p>See <a href="../apiref/aboutapis.htm#codedisclaimer">Code disclaimer information</a>
|
||
|
for information pertaining to code examples.</p>
|
||
|
<p>The following example will get the list of users and credentials in the
|
||
|
target registry, MyRegistry,
|
||
|
that are associated with the source information.</p>
|
||
|
|
||
|
<pre>
|
||
|
#include <eim.h>
|
||
|
#include <stddef.h>
|
||
|
#include <stdio.h>
|
||
|
#include <stdlib.h>
|
||
|
|
||
|
|
||
|
void printListResults(EimList * list);
|
||
|
void printListData(char * fieldName,
|
||
|
void * entry,
|
||
|
int offset);
|
||
|
void printAssociationType(int type);
|
||
|
void printCredSubListData(char * fieldName,
|
||
|
void * entry,
|
||
|
int offset);
|
||
|
|
||
|
int main(int argc, char *argv[])
|
||
|
{
|
||
|
int rc;
|
||
|
char eimerr[100];
|
||
|
EimRC * err;
|
||
|
EimHandle * handle;
|
||
|
|
||
|
char listData[1000];
|
||
|
EimList * list = (EimList * ) listData;
|
||
|
|
||
|
<em>/* Get eim handle from input arg. */</em>
|
||
|
<em>/* This handle is already connected to EIM. */</em>
|
||
|
handle = (EimHandle *)argv[1];
|
||
|
|
||
|
<em>/* Set up error structure. */</em>
|
||
|
memset(eimerr,0x00,100);
|
||
|
err = (EimRC *)eimerr;
|
||
|
err->memoryProvidedByCaller = 100;
|
||
|
|
||
|
<em>/* Get target identity */</em>
|
||
|
if (0 != (rc = eimGetTargetCredsFromSource(handle,
|
||
|
"kerberosRegistry",
|
||
|
"mjjones",
|
||
|
"MyRegistry",
|
||
|
NULL,
|
||
|
1000,
|
||
|
list,
|
||
|
err)))
|
||
|
{
|
||
|
printf("Get target credentials from source error = %d", rc);
|
||
|
return -1;
|
||
|
}
|
||
|
|
||
|
<em>/* Print the results */</em>
|
||
|
printListResults(list);
|
||
|
|
||
|
return 0;
|
||
|
}
|
||
|
|
||
|
|
||
|
void printListResults(EimList * list)
|
||
|
{
|
||
|
int i;
|
||
|
EimTargetIdentity * entry;
|
||
|
|
||
|
printf("___________\n");
|
||
|
printf(" bytesReturned = %d\n", list->bytesReturned);
|
||
|
printf(" bytesAvailable = %d\n", list->bytesAvailable);
|
||
|
printf(" entriesReturned = %d\n", list->entriesReturned);
|
||
|
printf(" entriesAvailable = %d\n", list->entriesAvailable);
|
||
|
printf("\n");
|
||
|
|
||
|
entry = (EimTargetIdentity *)((char *)list + list->firstEntry);
|
||
|
for (i = 0; i < list->entriesReturned; i++)
|
||
|
{
|
||
|
printf("\n");
|
||
|
printf("===============\n");
|
||
|
printf("Entry %d.\n", i);
|
||
|
|
||
|
<em>/* Print out results */</em>
|
||
|
printListData("target user",
|
||
|
entry,
|
||
|
offsetof(EimTargetIdentity, userName));
|
||
|
printAssociationType(entry->type);
|
||
|
printListData("source group registry",
|
||
|
entry,
|
||
|
offsetof(EimTargetIdentity, sourceGroupRegistry));
|
||
|
printListData("target group registry",
|
||
|
entry,
|
||
|
offsetof(EimTargetIdentity, targetGroupRegistry));
|
||
|
printCredSubListData("credential information",
|
||
|
entry,
|
||
|
offsetof(EimTargetIdentity, credentialInfo));
|
||
|
|
||
|
<em>/* advance to next entry */</em>
|
||
|
entry = (EimTargetIdentity *)((char *)entry + entry->nextEntry);
|
||
|
|
||
|
}
|
||
|
printf("\n");
|
||
|
|
||
|
|
||
|
}
|
||
|
|
||
|
void printListData(char * fieldName,
|
||
|
void * entry,
|
||
|
int offset)
|
||
|
{
|
||
|
EimListData * listData;
|
||
|
char * data;
|
||
|
int dataLength;
|
||
|
|
||
|
printf(" %s = ",fieldName);
|
||
|
<em>/* Address the EimListData object */</em>
|
||
|
listData = (EimListData *)((char *)entry + offset);
|
||
|
|
||
|
<em>/* Print out results */</em>
|
||
|
data = (char *)entry + listData->disp;
|
||
|
dataLength = listData->length;
|
||
|
|
||
|
if (dataLength > 0)
|
||
|
printf("%.*s\n",dataLength, data);
|
||
|
else
|
||
|
printf("Not found.\n");
|
||
|
|
||
|
}
|
||
|
|
||
|
void printAssociationType(int type)
|
||
|
{
|
||
|
switch(type)
|
||
|
{
|
||
|
case EIM_TARGET:
|
||
|
printf(" Target Association.\n");
|
||
|
break;
|
||
|
case EIM_CERT_FILTER_POLICY:
|
||
|
printf(" Certificate Filter Policy Association.\n");
|
||
|
break;
|
||
|
case EIM_DEFAULT_REG_POLICY:
|
||
|
printf(" Default Registry Policy Association.\n");
|
||
|
break;
|
||
|
case EIM_DEFAULT_DOMAIN_POLICY:
|
||
|
printf(" Default Domain Policy Association.\n");
|
||
|
break;
|
||
|
default:
|
||
|
printf("ERROR - unknown association type.\n");
|
||
|
break;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
void printCredSubListData(char * fieldName,
|
||
|
void * entry,
|
||
|
int offset)
|
||
|
{
|
||
|
int i;
|
||
|
EimSubList * subList;
|
||
|
EimCredentialInfo * subentry;
|
||
|
|
||
|
<em>/* Address the EimSubList object */</em>
|
||
|
subList = (EimSubList *)((char *)entry + offset);
|
||
|
|
||
|
if (subList->listNum > 0)
|
||
|
{
|
||
|
subentry = (EimCredentialInfo *)((char *)entry + subList->disp);
|
||
|
for (i = 0; i < subList->listNum; i++)
|
||
|
{
|
||
|
|
||
|
<em>/* Print out results */</em>
|
||
|
printf(" Credential type = %d.\n",subentry->type);
|
||
|
printf(" Credential status = %d.\n",subentry->status);
|
||
|
<em>/* Credential data is not printed. */</em>
|
||
|
|
||
|
<em>/* advance to next entry */</em>
|
||
|
subentry = (EimCredentialInfo *)((char *)subentry +
|
||
|
subentry->nextEntry);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
}
|
||
|
</pre>
|
||
|
|
||
|
<br>
|
||
|
<!-- ============================================================== -->
|
||
|
<!-- -->
|
||
|
<!-- F O O T E R -->
|
||
|
<!-- -->
|
||
|
<!-- ============================================================== -->
|
||
|
<img src="deltaend.gif" alt="End of change">
|
||
|
<hr>
|
||
|
API introduced: V5R4
|
||
|
|
||
|
<hr>
|
||
|
<center>
|
||
|
<table cellpadding="2" cellspacing="2">
|
||
|
<tr align="center">
|
||
|
<td valign="middle" align="center"><a href="#Top_Of_Page">Top</a> | <a href=
|
||
|
"sec.htm">Security APIs</a> | <a href="aplist.htm">APIs by category</a></td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
</center>
|
||
|
|
||
|
</body>
|
||
|
</html>
|
||
|
|