friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
master
ibm-information-center/dist/eclipse/plugins/i5OS.ic.apis_5.4.0.1/ictxstoragemech.htm

218 lines
8.2 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
<TITLE>ictxStorageMech - Identity Context Storage Mechanism Parameter</TITLE>
<!-- Begin Header Records ========================================= -->
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<!-- Change History: -->
<!-- YYMMDD USERID Change description -->
<!-- Edited by Kersten Jan 02 -->
<!-- Created by Therese Dalton on 17 July 2001 -->
<!--File edited for Tidy July 2001 -->
<!-- End Header Records -->
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
</HEAD>
<BODY>
<a name="Top_Of_Page"></a>
<!--Java sync-link-->
<script type="text/javascript" language="Javascript" src="../rzahg/synch.js">
</script>
<!-- ============================================================== -->
<!-- -->
<!-- -->
<!-- ============================================================== -->
<H2>ictxStorageMech--Identity Context Storage Mechanism Parameter</H2>
<!-- ============================================================== -->
<!-- -->
<!-- D E S C R I P T I O N -->
<!-- -->
<!-- ============================================================== -->
<P>This contains information about the storage mechanism that will be used to
store and remove the identity context.
See <a href="#eserver_notes">eServer Implementation
Notes</a> for details on platform-specific details.
</P>
<!-- ============================================================== -->
<!-- -->
<!-- A U T H O R I T I E S A N D L O C K S -->
<!-- -->
<!-- ============================================================== -->
<BR>
<H3>Authorities and Locks</H3>
<P>
When the storage mechanism is EIM the following authorities and locks apply.
<DL>
<DT>
<EM>EIM Data</EM>
<DD>When storage mechanism is Enterprise Identity Mapping (EIM)
then authority is required to the EIM data.
Access to data is controlled by EIM
access groups. LDAP administrators also have access to EIM data.
The identity context is stored as credential data in EIM. Mapping lookup
authority is required as well as authority to access credential data.
<DD>
<p>The access groups whose members have authority to
the mapping lookup data for this API follow:
<UL>
<li>EIM Administrator</li>
<li>EIM Registries Administrator</li>
<li>EIM Identifiers Administrator</li>
<li>EIM Mapping Lookup</li>
<LI>EIM authority to the __CTXREF_REG__ registry </LI>
</UL>
<p>The credential information for the target identity is considered security
sensitive data. Access to this data is more strictly controlled.
The access groups whose members have authority to
the credential information follow:
<UL>
<LI>EIM Administrator </li>
<LI>EIM Credential Data </li>
<p>Note that the EIM Credential Data access group does not have access to the
mapping lookup data. If a user is a member of the EIM Credential Data
access group, then the
user must also be a member of one of the access groups that has access to
the mapping lookup data.</p>
</UL>
</DD>
</DL>
<BR>
<!-- ============================================================== -->
<!-- -->
<!-- S T R U C T U R E -->
<!-- -->
<!-- ============================================================== -->
<H3>Structure layout</H3>
<P>The layout for ictxStorageMech follows:</P>
<PRE>
typedef struct ictxStorageMech
{
enum ictxStorageMechFormat format;
union
{
ictxStorageMechFormat0_t format0;
} storageMech;
} ictxStorageMech_t;
</PRE>
<P>
<BR>
<!-- ============================================================== -->
<!-- -->
<!-- F I E L D D E S C R I P T I O N S -->
<!-- -->
<!-- ============================================================== -->
<H3>
<A name=Header_41>Field Descriptions</A>
</H3>
<DL>
<!-- ============================================================== -->
<!-- format -->
<!-- ============================================================== -->
<DT>
<STRONG>format</STRONG>&nbsp;&nbsp;
<DD>Valid values for the format are:
<PRE>
enum ictxStorageMechFormat {
ICTX_STORAGE_MECH_EIM_0
};
</PRE>
<P>When format is ICTX_STORAGE_MECH_EIM_0 (0), the <em>storageMech</em> field
must contain an ictxStorageMechFormat0_t structure.<BR>
<PRE>
typedef struct ictxStorageMechFormat0
{
EimHandle * eimHandle; /* Eim handle */
} ictxStorageMechFormat0_t;
</PRE>
<!-- ============================================================== -->
<!-- eimHandle -->
<!-- ============================================================== -->
<DT>
<STRONG>eimHandle</STRONG>&nbsp;&nbsp;
<DD>The EIM handle returned by a previous call to eimCreateHandle(). A valid
connection is required for this function. <BR>
</DD>
</DL>
<BR>
<!-- ============================================================== -->
<!-- -->
<!-- E S E R V E R N O T E S -->
<!-- -->
<!-- ============================================================== -->
<h3>
<a name="eserver_notes">eServer Implementation Notes</a>
</h3>
<ol>
<li>
<strong>AIX implementation details:</strong>
<ul>
<li>
None.
</li>
</ul>
</li>
<li>
<strong>Linux implementation details:</strong>
<ul>
<li>
None.
</li>
</ul>
</li>
<li>
<strong>i5/OS implementation details:</strong><br>
<ul>
<li>
For the EIM storage mechanism, the eimHandle parameter may be NULL.
If NULL is supplied then the EIM information
configured for the system is used. The user is required to have *ALLOBJ
and *SECADM authority to use that data.
</li>
</ul>
</li>
<li>
<strong>Windows implementation details:</strong>
<ul>
<li>
None.
</li>
</ul>
</li>
<li>
<strong>z/OS implementation notes:</strong><br>
<ul>
<li>
None.
</li>
</ul>
</li>
</ol>
<!-- ============================================================== -->
<!-- The End -->
<!-- ============================================================== -->
<hr>
<center>
<table cellpadding="2" cellspacing="2">
<tr align="center">
<td valign="middle" align="center">
<a href="#Top_Of_Page">Top</a> |
<a href="sec.htm">Security APIs</a> |
<a href="aplist.htm">APIs by category</a></td>
</tr>
</table>
</center>
</BODY>
</HTML>
Reference in New Issue View Git Blame Copy Permalink