ictxRemoveExpiredIdContexts()--Remove Expired Identity Contexts

 #include <ictx.h>;

 int ictxRemoveExpiredIdContexts
 (
  ictxStorageMech_t    *  storageMechanism,
  ictxError_t          *  errorInfo
 )

The ictxRemoveExpiredIdContexts() function removes all expired identity contexts that were stored using the designated storage mechanism.

Authorities and Locks

Refer to storage mechanism for authority information. See ictxStorageMech--Identity Context Storage Mechanism Parameter.

Parameters

storageMechanism  (Input)

The storage mechanism to use when removing the identity context information. For the format of the structure, see ictxStorageMech--Identity Context Storage Mechanism Parameter.

errorInfo  (Output)

The structure in which to return error code information. If the return value is not 0, errorInfo is set with additional information. This parameter may be NULL. For the format of the structure, see ictxError--Identity Context Return Code Parameter.

Return Value

The return value from the API.

0

Request was successful.

ICTXERR_PARM_REQ (1)

Missing required parameter. Please check API documentation.

ICTXERR_NOMEM (2)

No memory available. Unable to allocate required space.

ICTXERR_EIM (3)

Error occurred using EIM interfaces.

ICTXERR_STORAGEMECH_NOT_SUPPORTED (5)

The storage mechanism is not a supported storage mechanism.

ICTXERR_STORAGEMECH_INVALID (28)

Storage mechanism parameter is not valid. A required parameter may be missing.

eServer Implementation Notes

1. AIX implementation details:
   • Authority: None
2. Linux implementation details:
   • Authority: None
3. i5/OS implementation details:
   
   • Service Program Name: QSYS/QSYICTX
     
   • Authority: Default public authority *USE
4. Windows implementation details:
   • Authority: Users must have administrative privilege to install and work with the APIs.
5. z/OS implementation details:
   
   • Authority: The caller of the API must be APF-authorized.

Related Information

• ictxStoreIdContext() --Store Identity Context
  
  
• ictxRetrieveIdContext() --Retrieve Identity Context
  
  
• ictxRemoveIdContext() --Remove Identity Context
  
  
• ictxFreeIdContext() --Free Identity Context Storage
  
  
• ictxFreeIdContextCredential() --Free Identity Context Credential
  
  

Example

The following example removes expired identity contexts. Note: Read the Code example disclaimer for important legal information.

#include <ictx.h>
#include <string.h>
	

int removeExpired()
{
    int rc;

    ictxStorageMech_t storageMech;
    ictxError_t errorInfo;

    /*----------------------------------------------------------------*/
    /* EIM variables                                                  */
    /*----------------------------------------------------------------*/
    char          eimerr[200];
    EimRC       * err;
    EimHandle     handle;
    char * ldapURL =
      "ldap://eimsystem:389/ibm-eimDomainName=myEimDomain,o=mycompany,c=us";
    EimConnectInfo con;

    /*----------------------------------------------------------------*/
    /* EIM Setup:  For the storage mechanism we will use EIM so we    */
    /* need to get a connected EIM handle.                            */
    /*----------------------------------------------------------------*/
    /* EIM: Set up error structure for EIM use                        */
    /*----------------------------------------------------------------*/
    memset(eimerr,0x00,200);
    err = (EimRC *)eimerr;
    err->memoryProvidedByCaller = 200;

    /*----------------------------------------------------------------*/
    /* EIM:  Create a new eim handle using a specified URL            */
    /*----------------------------------------------------------------*/
    if (0 != (rc = eimCreateHandle(&handle, ldapURL, err)))
    {
	.
	.
	.
        return -1;
    }

    /*----------------------------------------------------------------*/
    /* EIM:  Set up EIM connection information                        */
    /*----------------------------------------------------------------*/
    con.type = EIM_SIMPLE;
    con.creds.simpleCreds.protect = EIM_PROTECT_NO;
    con.creds.simpleCreds.bindDn = "cn=admin";
    con.creds.simpleCreds.bindPw = "secret";
    con.ssl = NULL;

    /*----------------------------------------------------------------*/
    /* EIM:  Connect to LDAP URL defined by handle with specified     */
    /* connection credentials                                         */
    /*----------------------------------------------------------------*/
    if (0 != (rc = eimConnect(&handle, con, err)))
    {
        eimDestroyHandle(&handle, err);
	.
	.
	.
        return -1;
    }
        
    /*----------------------------------------------------------------*/
    /*  Set up authentication information                             */
    /*----------------------------------------------------------------*/
    storageMech.format = ICTX_STORAGE_MECH_EIM_0;
    storageMech.storageMech.format0.eimHandle = &handle;

    /*----------------------------------------------------------------*/
    /*  Retrieve authentication context                               */
    /*----------------------------------------------------------------*/
    if (0 != (rc = ictxRemovedExpiredIdContexts(&storageMech,
                                                &errorInfo)))
    {
        eimDestroyHandle(&handle, err);
	.
	.
	.
        return -1;
    }

    eimDestroyHandle(&handle, err);

    return 0;
}