ictxAuthenticationInfo--Authentication Context Authentication Info

This describes the authentication information that will be added to the authentication context, or was parsed from the authentication context. See eServer Implementation Notes for details on platform-specific details.

Authentication Information

The structure ictxAuthenticationInfo_t describes the authentication information used for authentication tokens that support authentication information. New fields may be added to the end of this structure. On a parse operation the fields will be returned if they exist in the authentication context. Code that has been rebuilt with the new structure may access these new fields. A version supplied with the build information indicates which new fields have been provided.

The layout for ictxAuthenticationInfo_t follows:

typedef struct ictxAuthenticationInfo_t
{
    char           * user;            /* Authenticated user
    char           * registry;        /* Registry for the authenticated
                                     user                             */
    char           * hostName;        /* DNS host name                */
    char           * authMech;        /* Authentication mechanism     */
    char           * securityLabel;   /* Security Label               */
    char           * implemSpecific;  /* Additional data, optional    */
    
} ictxAuthenticationInfo_t;

Field Descriptions

user  
The name of the user that has been authenticated by the caller. This user name may be used by a mapping lookup operation for the endpoint application.

registry  
The name of the user registry for the authenticated user. This registry name may be used by a mapping lookup operation for the endpoint application.

hostName  
The DNS name of the host system where the user was authenticated.

authMech  
The mechanism used to authenticate the user.

securityLabel  
The security label associated with this user.

implemSpecific  
This is implementation specific data that would be added to an authentication context. The sender and the receiver must agree on format and content of this data. The recommended layout for this data would be a series of the following: 
<LABEL>xxxxx</LABEL><DATA>yyyyy</DATA>
An example would be: 
<LABEL>TCPIP address</LABEL><DATA>9.5.6.132</DATA>

Build Information

The authentication information used for building of an authentication context is contained in the ictxAuthInfo structure. The layout for ictxAuthInfo follows:

typedef struct ictxAuthInfo
{
    enum ictxAuthInfoFormat format;
    union
    {
        ictxAuthInfoFormat0_t * format0;
    } authInfo;
} ictxAuthInfo_t;


Field Descriptions

format  
Valid values for the format are: 
enum ictxAuthInfoFormat  {
    ICTX_AUTH_INFO_FORMAT_0
    
};

When format is ICTX_AUTH_INFO_FORMAT_0 (0), the authInfo field must contain an ictxAuthInfoFormat0_t structure. 

typedef struct ictxAuthInfoFormat0
{
    int                   version;
    ictxAuthenticationInfo_t * authInfo;
} ictxAuthInfoFormat0_t;
version  
The version indicates which fields are available in the the authInfo field. Version 0 corresponds to the initial structure defined here. In the future if new fields are added to the authInfo structure and the users wants to pass that information in for a build they can indicate the new version of the structure that they are providing.

authInfo  
This is the structure that contains the authentication information fields.

eServer Implementation Notes

  1. AIX implementation details:
  2. Linux implementation details:
  3. i5/OS implementation details:
  4. Windows implementation details:
  5. z/OS implementation notes:
Top | Security APIs | APIs by category