ibm-information-center/dist/eclipse/plugins/i5OS.ic.apis_5.4.0.1/ictxparseauthcontext.htm

513 lines
17 KiB
HTML
Raw Permalink Normal View History

2024-04-02 14:02:31 +00:00
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
<TITLE>ictxParseAuthContext()--Parse Authentication Context</TITLE>
<!-- Begin Header Records ========================================= -->
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<!-- Change History: -->
<!-- YYMMDD USERID Change description -->
<!-- End Header Records -->
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
</HEAD>
<BODY>
<!--Java sync-link-->
<script type="text/javascript" language="Javascript" src="../rzahg/synch.js">
</script>
<A name=Top_Of_Page>
</A>
<!-- ============================================================== -->
<!-- -->
<!-- -->
<!-- ============================================================== -->
<H2>
ictxParseAuthContext()--Parse Authentication Context
</H2>
<!-- ============================================================== -->
<!-- -->
<!-- S Y N T A X / P A R M T A B L E -->
<!-- -->
<!-- ============================================================== -->
<div class="box" style="width: 90%;">
<BR>&nbsp;&nbsp;Syntax
<PRE>
#include &lt;ictx.h&gt;;
int ictxParseAuthContext
(
ictxIdContext_t * <EM>authContext</EM>,
ictxParseInfo_t ** <EM>parsedContext</EM>,
ictxError_t * <EM>errorInfo</EM>
)
</PRE>
<BR>
&nbsp;&nbsp;Threadsafe: Yes<BR>
<!-- iddvc RMBR -->
<br>
&nbsp;&nbsp;See <a href="#eserver_notes">eServer Implementation Notes</a>
for details on platform-specific details for this API.<br>
<!-- iddvc RMBR -->
<br>
</div>
<!-- ============================================================== -->
<!-- -->
<!-- D E S C R I P T I O N -->
<!-- -->
<!-- ============================================================== -->
<P>The <STRONG>ictxParseAuthContext()</STRONG> function parses the information
from the authentication context. The parsed information can be used for
mapping lookup operations and for auditing purposes.
</P>
<!-- ============================================================== -->
<!-- -->
<!-- A U T H O R I T I E S A N D L O C K S -->
<!-- -->
<!-- ============================================================== -->
<!-- See eServer notes. -->
<!-- ============================================================== -->
<!-- -->
<!-- P A R A M E T E R S -->
<!-- -->
<!-- ============================================================== -->
<BR>
<H3>Parameters</H3>
<DL>
<!-- ============================================================== -->
<!-- authContext -->
<!-- ============================================================== -->
<DT>
<STRONG>authContext</STRONG>&nbsp;&nbsp;(Input)
<DD>The authentication context to be parsed.
For the format of the structure, see <A
href="ictxidcontext.htm">
ictxIdContext--Identity Context Parameter</A>.
<BR>
<BR>
<!-- ============================================================== -->
<!-- parsedContext -->
<!-- ============================================================== -->
<DT>
<STRONG>parsedContext</STRONG>&nbsp;&nbsp;(Output)
<DD>Return pointer to information parsed from the authentication context.
For the format of the structure, see <A
href="ictxparseinfo.htm">
ictxParseInfo--Authentication Context Parse Information Parameter</A>.
This API will parse as much information as it possibly can from the
authentication context. If all of the information could not be parsed, the
<em>status</em> field will indicate that the parse information is
not complete.
When this information is no longer needed, it must be freed using the
Free Authentication Context Parse Info Storage (ictxFreeParseInfo) API.
If the authentication context has timed out, the ICTXERR_CTX_EXPIRED
return code will be set but parsed information will still be
returned to the caller. If the authentication context is
not valid yet, the ICTXERR_CTX_NOT_YET_VALID return
code will be set but parsed information will still
be returned to the caller.
<BR>
<BR>
<!-- ============================================================== -->
<!-- errorInfo -->
<!-- ============================================================== -->
<DT>
<STRONG>errorInfo</STRONG>&nbsp;&nbsp;(Output)
<DD>The structure in which to return error code information. If the return
value is not 0, <EM>errorInfo</EM> is set with additional information. This
parameter may be NULL. For the format of the structure, see <A
href="ictxerror.htm">ictxError--Authentication
Context Return Code Parameter</A>.<BR>
<BR>
</DD>
</DL>
<!-- ============================================================== -->
<!-- -->
<!-- R E T U R N V A L U E -->
<!-- -->
<!-- ============================================================== -->
<BR>
<H3>Return Value</H3>
<P>The return value from the API.</P>
<DL>
<!-- ============================================================== -->
<!-- 0 -->
<!-- ============================================================== -->
<DT>
<STRONG>0</STRONG>
<DD>Request was successful.
<BR>
<BR>
<!-- ============================================================== -->
<!-- Errors -->
<!-- ============================================================== -->
<DT>
<STRONG>ICTXERR_PARM_REQ (1)</STRONG>
<DD>Missing required parameter. Please check API documentation.
<BR>
<BR>
<DT>
<STRONG>ICTXERR_NOMEM (2)</STRONG>
<DD>No memory available. Unable to allocate required space.
<BR>
<BR>
<DT>
<STRONG>ICTXERR_IDCONTEXT_INVALID (4)</STRONG>
<DD>Identity context parameter is not valid.
The OID and identity context are required. The identity context
length must be greater than 0.
<BR>
<BR>
<DT>
<STRONG>ICTXERR_AUTH_CTX_TYPE_NOT_SUPPORTED (10)</STRONG>
<DD>Authentication Context Type is not supported.
<BR>
<BR>
<DT>
<STRONG>ICTXERR_DATA_CONVERSION (14)</STRONG>
<DD>Error occurred when converting data between code pages.
<BR>
<BR>
<DT>
<STRONG>ICTXERR_AUTH_CONTEXT_INVALID (17)</STRONG>
<DD>Error occurred parsing the authentication
context.
<BR>
<BR>
<DT>
<STRONG>ICTXERR_OID_MISMATCH (18)</STRONG>
<DD>The authentication type requested does not the
authentication context type found in the context.
<BR>
<BR>
<DT>
<STRONG>ICTXERR_CTX_EXPIRED (19)</STRONG>
<DD>The authentication context has expired.
<BR>
<BR>
<DT>
<STRONG>ICTXERR_CTX_LEN_MISMATCH (20)</STRONG>
<DD>Error occurred parsing the authentication
context. Input length not correct.
<BR>
<BR>
<DT>
<STRONG>ICTXERR_CTX_NOT_YET_VALID (26)</STRONG>
<DD>The authentication context is not yet valid.
<BR>
<BR>
</DD>
</DL>
<!-- ============================================================== -->
<!-- -->
<!-- U S A G E N O T E S -->
<!-- -->
<!-- ============================================================== -->
<!-- ============================================================== -->
<!-- -->
<!-- E S E R V E R N O T E S -->
<!-- -->
<!-- ============================================================== -->
<BR>
<h3>
<a name="eserver_notes">eServer Implementation Notes</a>
</h3>
<ol>
<li>
<strong>AIX implementation details:</strong>
<ul>
<li>
Authority: None
</li>
</ul>
</li>
<li>
<strong>Linux implementation details:</strong>
<ul>
<li>
Authority: None
</li>
</ul>
</li>
<li>
<strong>i5/OS implementation details:</strong><br>
<ul>
<li>
Service Program Name: QSYS/QSYICTX<br>
</li>
<li>
Authority: Default public authority *USE
</li>
</ul>
</li>
<li>
<strong>Windows implementation details:</strong>
<ul>
<li>
Authority: Users must have administrative privilege to
install and work with the APIs.
</li>
</ul>
</li>
<li>
<strong>z/OS implementation details:</strong><br>
<ul>
<li>
Authority: The caller of the API must be APF-authorized.
</li>
</ul>
</li>
</ol>
<!-- ============================================================== -->
<!-- -->
<!-- R E L A T E D I N F O R M A T I O N -->
<!-- -->
<!-- ============================================================== -->
<BR>
<H3>Related Information</H3>
<UL>
<LI>
<A
href="ictxbuildauthcontext.htm">ictxBuildAuthContext()</A>
--Build Authentication Context<BR>
<BR>
</LI>
<LI>
<A
href="ictxdelegateauthcontext.htm">ictxDelegateAuthContext()</A>
--Delegate Authentication Context<BR>
<BR>
</LI>
<LI>
<A
href="ictxfreeidcontext.htm">ictxFreeIdContext()</A>
--Free Identity Context Storage<BR>
<BR>
</LI>
<LI>
<A
href="ictxfreeparseinfo.htm">ictxFreeParseInfo()</A>
--Free Authentication Context Parse Info Storage<BR>
<BR>
</LI>
</UL>
<BR>
<!-- ============================================================== -->
<!-- -->
<!-- E X A M P L E -->
<!-- -->
<!-- ============================================================== -->
<BR>
<h3>
Example
</h3>
<p>
The following example parses an authentication context.
<b>Note:</b> Read the <a href="codedisclaimer.htm">Code example disclaimer</a>
for important legal information.
</p>
<pre>
#include &lt;ictx.h&gt;
#include &lt;string.h&gt;
void printData(char * attribute,
char * value)
{
char * actual = NULL;
if (NULL == value)
actual = &quot;NONE&quot;;
else
actual = value;
printf(&quot; %s: %s\n&quot;, attribute, actual);
}
void printAuthData(ictxAuthenticationInfo_t * authData)
{
int rc;
if (NULL == authData)
{
printf(&quot;No authentication information available.\n&quot;);
return;
}
printf(&quot;Authentication information:\n&quot;);
printData(&quot; User&quot;, authData->user);
printData(&quot; Registry&quot;, authData->registry);
printData(&quot; HostName&quot;, authData->hostName);
printData(&quot; AuthMech&quot;, authData->authMech);
printData(&quot; SecurityLabel&quot;, authData->securityLabel);
printData(&quot; ImplemSpecific&quot;, authData->implemSpecific);
printf(&quot;\n\n&quot;);
}
void printPremapped(ictxPremappedUserInfo_t * premapped)
{
printData(&quot; User&quot;, premapped->user);
printData(&quot; Registry&quot;, premapped->registry);
printData(&quot; MappingSource&quot;, premapped->mappingSource);
printData(&quot;MappingQualifiers&quot;, premapped->mappingQualifiers);
printData(&quot; ImplemSpecific&quot;, premapped->implemSpecific);
}
void printApplication(ictxApplicationInfo_t * appInfo)
{
printData(&quot; Appid&quot;, appInfo->appid);
printData(&quot; Instance&quot;, appInfo->instance);
printData(&quot; ImplemSpecific&quot;, appInfo->implemSpecific);
}
void printManifest(ictxManifestInfo_t * manifest)
{
time_t creationTime;
struct tm *timeptr;
char dest[50]; //
printf(&quot;Manifest counter: %d\n&quot;, manifest->counter);
printf(&quot;\n&quot;);
//------------------------------------------------------------------
// Convert time to Month Day, year h:m:s
//------------------------------------------------------------------
creationTime = manifest->creationTime;
timeptr = localtime(&amp;creationTime);
dest[0] = 0;
strftime(dest,sizeof(dest)-1,&quot;%b %d,%Y %H:%M:%S&quot;, timeptr);
printf(&quot;Creation date: %s\n&quot;, dest);
printf(&quot;Time to Live: %d\n&quot;, manifest->timeToLive);
if (NULL == manifest->sender)
printf(&quot; Sender: NONE.\n&quot;);
else
{
printf(&quot; Sender Information:\n&quot;);
printApplication(manifest->sender);
}
printf(&quot;\n&quot;);
if (NULL == manifest->receiver)
printf(&quot; Receiver: NONE.\n&quot;);
else
{
printf(&quot; Receiver Information:\n&quot;);
printApplication(manifest->receiver);
}
printf(&quot;\n&quot;);
if (NULL == manifest->premappedUser)
printf(&quot; PremappedUser: NONE.\n&quot;);
else
{
printf(&quot; PremappedUser Information:\n&quot;);
printPremapped(manifest->premappedUser);
}
printf(&quot;\n\n&quot;);
return;
}
void printManifests(ictxManifestInfo_t ** manifestList)
{
int i = 0;
if (NULL == manifestList)
{
printf(&quot;No manifest information available.\n&quot;);
return;
}
for ( i = 0; manifestList[i] != NULL; i++)
{
printManifest(manifestList[i]);
}
return;
}
int parseAuthContext(ictxIdContext_t * authContext)
{
int rc;
ictxError_t errorInfo;
ictxParseInfo_t * parsedContext;
/*----------------------------------------------------------------*/
/* Parse authentication context */
/*----------------------------------------------------------------*/
if (0 != (rc = ictxParseAuthContext(authContext,
&amp;parsedContext,
&amp;errorInfo)))
{
.
.
.
return -1;
}
/*----------------------------------------------------------------*/
/* Check status */
/*----------------------------------------------------------------*/
if (0 == parsedContext->statusFlag)
printf(&quot;\n Parsed results complete.\n&quot;);
else
printf(&quot;\n Parsed results incomplete.\n&quot;);
/*----------------------------------------------------------------*/
/* Print parsed results */
/*----------------------------------------------------------------*/
if (ICTX_PARSE_INFO_FORMAT_0 == parsedContext->format)
{
printAuthData(parsedContext->parseInfo.format0.authData);
printManifests(parsedContext->parseInfo.format0.manifestList);
}
.
.
.
if (0 != (rc = ictxFreeParseInfo(parsedContext,
&amp;errorInfo)))
{
.
.
.
return -1;
}
return 0;
}
</pre>
<hr>
<center>
<table cellpadding="2" cellspacing="2">
<tr align="center">
<td valign="middle" align="center">
<a href="#Top_Of_Page">Top</a> |
<a href="sec.htm">Security APIs</a> |
<a href="aplist.htm">APIs by category</a></td>
</tr>
</table>
</center>
</BODY>
</HTML>