krb5_mk_rep()--Create Kerberos AP_REP Message
Syntax
#include <krb5.h>
krb5_error_code krb5_mk_rep(
krb5_context context,
krb5_auth_context auth_context,
krb5_data * out_data);
Service Program Name: QSYS/QKRBGSS
Default Public Authority: *USE
Threadsafe: Conditional. See
Usage
notes.
The krb5_mk_rep() function creates a Kerberos AP_REP
message using information in the authentication context. An AP_REP message is
returned to the partner application after processing an AP_REQ message received
from the partner application. The information in the authentication context is
set by the krb5_rd_req() routine when it processes the AP_REQ
message.
Authorities
No authorities are required.
Parameters
- context (Input)
- The Kerberos context.
- auth_context (Input/Output)
- The authentication context.
- out_data (Output)
- The AP_REP message. The krb5_free_data_contents() routine
should be called to release the storage pointed to by the data field
of the krb5_data structure when it is no longer needed.
Return Value
If no errors occur, the return value is 0. Otherwise, a Kerberos error code
is returned.
Error Messages
| Message ID |
Error Message Text |
| CPE3418 E |
Possible APAR condition or hardware failure. |
- The Kerberos protocol runtime provides no concurrency control for the
authentication context. If the application wants to use the same authentication
context in multiple threads, it is the responsibility of the application to
serialize access to the authentication context so that only a single thread is
accessing the authentication context at any time. Because message sequence
numbers are contained in the authentication context, this serialization needs
to be extended to encompass the message exchange between the two applications.
Otherwise, message sequence errors are liable to occur if the messages are
delivered out of sequence.
API introduced: V5R1