150 lines
4.1 KiB
HTML
150 lines
4.1 KiB
HTML
|
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
||
|
<html>
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
||
|
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
|
||
|
<title>krb5_mk_rep()--Create Kerberos AP_REP Message</title>
|
||
|
<!-- Begin Header Records -->
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<!-- Change History: -->
|
||
|
<!-- YYMMDD USERID Change description -->
|
||
|
<!-- Created by Kent Hofer for V5R1 -->
|
||
|
<!-- Edited by Kersten Jan 02 -->
|
||
|
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
|
||
|
</head>
|
||
|
<body>
|
||
|
<!-- End Header Records -->
|
||
|
<!--Java sync-link-->
|
||
|
<script type="text/javascript" language="Javascript" src="../rzahg/synch.js">
|
||
|
</script>
|
||
|
|
||
|
<a name="Top_Of_Page"></a>
|
||
|
|
||
|
<h2>krb5_mk_rep()--Create Kerberos AP_REP Message</h2>
|
||
|
|
||
|
<div class="box" style="width: 70%;">
|
||
|
<br>
|
||
|
Syntax
|
||
|
|
||
|
<pre>
|
||
|
#include <krb5.h>
|
||
|
|
||
|
krb5_error_code krb5_mk_rep(
|
||
|
krb5_context <em>context</em>,
|
||
|
krb5_auth_context <em>auth_context</em>,
|
||
|
krb5_data * <em>out_data</em>);
|
||
|
</pre>
|
||
|
|
||
|
Service Program Name: QSYS/QKRBGSS<br>
|
||
|
<!-- iddvc RMBR -->
|
||
|
<br>
|
||
|
Default Public Authority: *USE<br>
|
||
|
<!-- iddvc RMBR -->
|
||
|
<br>
|
||
|
Threadsafe: Conditional. See <a href="#usage_notes">Usage
|
||
|
notes</a>.<br>
|
||
|
<!-- iddvc RMBR -->
|
||
|
<br>
|
||
|
</div>
|
||
|
|
||
|
|
||
|
<p>The <strong>krb5_mk_rep()</strong> function creates a Kerberos AP_REP
|
||
|
message using information in the authentication context. An AP_REP message is
|
||
|
returned to the partner application after processing an AP_REQ message received
|
||
|
from the partner application. The information in the authentication context is
|
||
|
set by the <strong>krb5_rd_req()</strong> routine when it processes the AP_REQ
|
||
|
message.</p>
|
||
|
|
||
|
<br>
|
||
|
<h3>Authorities</h3>
|
||
|
|
||
|
<p>No authorities are required.</p>
|
||
|
|
||
|
<br>
|
||
|
<h3>Parameters</h3>
|
||
|
|
||
|
<dl>
|
||
|
<dt><strong>context</strong> (Input)</dt>
|
||
|
|
||
|
<dd>The Kerberos context.<br>
|
||
|
<br>
|
||
|
</dd>
|
||
|
|
||
|
<dt><strong>auth_context</strong> (Input/Output)</dt>
|
||
|
|
||
|
<dd>The authentication context.<br>
|
||
|
<br>
|
||
|
</dd>
|
||
|
|
||
|
<dt><strong>out_data</strong> (Output)</dt>
|
||
|
|
||
|
<dd>The AP_REP message. The <strong>krb5_free_data_contents()</strong> routine
|
||
|
should be called to release the storage pointed to by the <em>data</em> field
|
||
|
of the krb5_data structure when it is no longer needed.</dd>
|
||
|
</dl>
|
||
|
|
||
|
<br>
|
||
|
|
||
|
|
||
|
<h3>Return Value</h3>
|
||
|
|
||
|
<p>If no errors occur, the return value is 0. Otherwise, a Kerberos error code
|
||
|
is returned.</p>
|
||
|
|
||
|
<br>
|
||
|
|
||
|
|
||
|
<h3>Error Messages</h3>
|
||
|
|
||
|
<table width="100%" cellpadding="5">
|
||
|
<tr>
|
||
|
<th align="left" valign="top">Message ID</th>
|
||
|
<th align="left" valign="top">Error Message Text</th>
|
||
|
</tr>
|
||
|
|
||
|
<tr>
|
||
|
<td width="15%" valign="top">CPE3418 E</td>
|
||
|
<td width="85%" valign="top">Possible APAR condition or hardware failure.</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
|
||
|
<br>
|
||
|
<br>
|
||
|
|
||
|
|
||
|
<h3><a name="usage_notes">Usage Notes</a></h3>
|
||
|
|
||
|
<ol>
|
||
|
<li>The Kerberos protocol runtime provides no concurrency control for the
|
||
|
authentication context. If the application wants to use the same authentication
|
||
|
context in multiple threads, it is the responsibility of the application to
|
||
|
serialize access to the authentication context so that only a single thread is
|
||
|
accessing the authentication context at any time. Because message sequence
|
||
|
numbers are contained in the authentication context, this serialization needs
|
||
|
to be extended to encompass the message exchange between the two applications.
|
||
|
Otherwise, message sequence errors are liable to occur if the messages are
|
||
|
delivered out of sequence.</li>
|
||
|
</ol>
|
||
|
|
||
|
<br>
|
||
|
<hr>
|
||
|
API introduced: V5R1
|
||
|
|
||
|
<hr>
|
||
|
<center>
|
||
|
<table cellpadding="2" cellspacing="2">
|
||
|
<tr align="center">
|
||
|
<td valign="middle" align="center"><a href="#Top_Of_Page">Top</a> | <a href=
|
||
|
"sec.htm">Security APIs</a> <br>
|
||
|
<a href="unix.htm">UNIX-Type APIs</a> | <a href="aplist.htm">APIs by
|
||
|
category</a> </td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
</center>
|
||
|
</body>
|
||
|
</html>
|
||
|
|