ictxParseAuthContext()--Parse Authentication Context


  Syntax 
 #include <ictx.h>;

 int ictxParseAuthContext
 (
   ictxIdContext_t      *  authContext,
   ictxParseInfo_t     **  parsedContext,
   ictxError_t          *  errorInfo
  )

  Threadsafe: Yes

  See eServer Implementation Notes for details on platform-specific details for this API.

The ictxParseAuthContext() function parses the information from the authentication context. The parsed information can be used for mapping lookup operations and for auditing purposes.


Parameters

authContext  (Input)
The authentication context to be parsed. For the format of the structure, see ictxIdContext--Identity Context Parameter.

parsedContext  (Output)
Return pointer to information parsed from the authentication context. For the format of the structure, see ictxParseInfo--Authentication Context Parse Information Parameter. This API will parse as much information as it possibly can from the authentication context. If all of the information could not be parsed, the status field will indicate that the parse information is not complete. When this information is no longer needed, it must be freed using the Free Authentication Context Parse Info Storage (ictxFreeParseInfo) API. If the authentication context has timed out, the ICTXERR_CTX_EXPIRED return code will be set but parsed information will still be returned to the caller. If the authentication context is not valid yet, the ICTXERR_CTX_NOT_YET_VALID return code will be set but parsed information will still be returned to the caller.

errorInfo  (Output)
The structure in which to return error code information. If the return value is not 0, errorInfo is set with additional information. This parameter may be NULL. For the format of the structure, see ictxError--Authentication Context Return Code Parameter.


Return Value

The return value from the API.

0
Request was successful.

ICTXERR_PARM_REQ (1)
Missing required parameter. Please check API documentation.

ICTXERR_NOMEM (2)
No memory available. Unable to allocate required space.

ICTXERR_IDCONTEXT_INVALID (4)
Identity context parameter is not valid. The OID and identity context are required. The identity context length must be greater than 0.

ICTXERR_AUTH_CTX_TYPE_NOT_SUPPORTED (10)
Authentication Context Type is not supported.

ICTXERR_DATA_CONVERSION (14)
Error occurred when converting data between code pages.

ICTXERR_AUTH_CONTEXT_INVALID (17)
Error occurred parsing the authentication context.

ICTXERR_OID_MISMATCH (18)
The authentication type requested does not the authentication context type found in the context.

ICTXERR_CTX_EXPIRED (19)
The authentication context has expired.

ICTXERR_CTX_LEN_MISMATCH (20)
Error occurred parsing the authentication context. Input length not correct.

ICTXERR_CTX_NOT_YET_VALID (26)
The authentication context is not yet valid.


eServer Implementation Notes

  1. AIX implementation details:
  2. Linux implementation details:
  3. i5/OS implementation details:
  4. Windows implementation details:
  5. z/OS implementation details:

Related Information



Example

The following example parses an authentication context. Note: Read the Code example disclaimer for important legal information. 

#include <ictx.h>
#include <string.h>
	


void printData(char * attribute,
               char * value)
{
    char * actual = NULL;
    
    if (NULL == value)
        actual = "NONE";
    else
        actual = value;

    printf("   %s:   %s\n", attribute, actual);
}

void printAuthData(ictxAuthenticationInfo_t * authData)
{
    int rc;

    if (NULL == authData)
    {
        printf("No authentication information available.\n");
        return;
    }
    
    printf("Authentication information:\n");

    printData("            User", authData->user);
    printData("        Registry", authData->registry);
    printData("        HostName", authData->hostName);
    printData("        AuthMech", authData->authMech);
    printData("   SecurityLabel", authData->securityLabel);
    printData("   ImplemSpecific", authData->implemSpecific);
    printf("\n\n");
}



void printPremapped(ictxPremappedUserInfo_t * premapped)
{
    printData("             User", premapped->user);
    printData("         Registry", premapped->registry);
    printData("    MappingSource", premapped->mappingSource);
    printData("MappingQualifiers", premapped->mappingQualifiers);
    printData("   ImplemSpecific", premapped->implemSpecific);
}


void printApplication(ictxApplicationInfo_t * appInfo)
{
    printData("            Appid", appInfo->appid);
    printData("         Instance", appInfo->instance);
    printData("   ImplemSpecific", appInfo->implemSpecific);
}


void printManifest(ictxManifestInfo_t * manifest)
{
    time_t           creationTime;
    struct tm *timeptr;
    char dest[50];        // 
    
    printf("Manifest counter: %d\n", manifest->counter);
    printf("\n");

    
    //------------------------------------------------------------------
    // Convert time to  Month Day, year h:m:s   
    //------------------------------------------------------------------
    creationTime = manifest->creationTime;
    timeptr = localtime(&creationTime);
    dest[0] = 0;
    strftime(dest,sizeof(dest)-1,"%b %d,%Y  %H:%M:%S", timeptr);
    printf("Creation date: %s\n", dest);
    
    printf("Time to Live: %d\n", manifest->timeToLive);

    
    if (NULL == manifest->sender)
        printf(" Sender:  NONE.\n");
    else
    {
        printf(" Sender Information:\n");
        printApplication(manifest->sender);
    }
    
    printf("\n");
    if (NULL == manifest->receiver)
        printf(" Receiver:  NONE.\n");
    else
    {
        printf(" Receiver Information:\n");
        printApplication(manifest->receiver);
    }
    
    printf("\n");
    if (NULL == manifest->premappedUser)
        printf(" PremappedUser:  NONE.\n");
    else
    {
        printf(" PremappedUser Information:\n");
        printPremapped(manifest->premappedUser);
    }
    printf("\n\n");
    
    return;
}


void printManifests(ictxManifestInfo_t ** manifestList)
{
    int i = 0;
    
    if (NULL == manifestList)
    {
        printf("No manifest information available.\n");
        return;
    }

    for ( i = 0; manifestList[i] != NULL; i++)
    {
        printManifest(manifestList[i]);
    }
    
        
    
    return;
}


int parseAuthContext(ictxIdContext_t   * authContext)
{
    int rc;
    
    ictxError_t errorInfo;
    ictxParseInfo_t  * parsedContext;
    /*----------------------------------------------------------------*/
    /*  Parse authentication context                                  */
    /*----------------------------------------------------------------*/
    if (0 != (rc = ictxParseAuthContext(authContext,
                                        &parsedContext,
                                        &errorInfo)))
    {
	.
	.
	.
        return -1;
    }
    /*----------------------------------------------------------------*/
    /*  Check status                                                  */
    /*----------------------------------------------------------------*/
    if (0 == parsedContext->statusFlag)
        printf("\n Parsed results complete.\n");
    else
        printf("\n Parsed results incomplete.\n");
    /*----------------------------------------------------------------*/
    /*  Print parsed results                                          */
    /*----------------------------------------------------------------*/
    if (ICTX_PARSE_INFO_FORMAT_0 == parsedContext->format)
    {
        printAuthData(parsedContext->parseInfo.format0.authData);
        printManifests(parsedContext->parseInfo.format0.manifestList);
    }
	.
	.
	.
    if (0 != (rc = ictxFreeParseInfo(parsedContext,
                                   &errorInfo)))
    {
	.
	.
	.
        return -1;
    }
    return 0;
}
Top | Security APIs | APIs by category