389 lines
13 KiB
HTML
389 lines
13 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
|
<HTML>
|
|
<HEAD>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
|
|
<TITLE>ictxRemoveExpiredIdContexts()--Remove Expired Identity Contexts</TITLE>
|
|
<!-- Begin Header Records ========================================= -->
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<!-- Change History: -->
|
|
<!-- YYMMDD USERID Change description -->
|
|
<!-- End Header Records -->
|
|
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
|
|
</HEAD>
|
|
<BODY>
|
|
<!--Java sync-link-->
|
|
<script type="text/javascript" language="Javascript" src="../rzahg/synch.js">
|
|
</script>
|
|
|
|
<A name=Top_Of_Page>
|
|
</A>
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
<H2>
|
|
ictxRemoveExpiredIdContexts()--Remove Expired Identity Contexts
|
|
</H2>
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- S Y N T A X / P A R M T A B L E -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
<div class="box" style="width: 90%;">
|
|
<BR> Syntax
|
|
<PRE>
|
|
#include <ictx.h>;
|
|
|
|
int ictxRemoveExpiredIdContexts
|
|
(
|
|
ictxStorageMech_t * <EM>storageMechanism</EM>,
|
|
ictxError_t * <EM>errorInfo</EM>
|
|
)
|
|
</PRE>
|
|
<BR>
|
|
Threadsafe: Yes<BR>
|
|
<!-- iddvc RMBR -->
|
|
<br>
|
|
See <a href="#eserver_notes">eServer Implementation Notes</a>
|
|
for details on platform-specific details for this API.<br>
|
|
<!-- iddvc RMBR -->
|
|
<br>
|
|
|
|
</div>
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- D E S C R I P T I O N -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
<P>The <STRONG>ictxRemoveExpiredIdContexts()</STRONG> function
|
|
removes all expired identity contexts that were stored using the
|
|
designated storage mechanism.
|
|
</P>
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- A U T H O R I T I E S A N D L O C K S -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
<BR>
|
|
<h3>
|
|
Authorities and Locks
|
|
</h3>
|
|
<P>
|
|
Refer to storage mechanism for authority information.
|
|
See <A
|
|
href="ictxstoragemech.htm">
|
|
ictxStorageMech--Identity Context Storage Mechanism Parameter</A>.
|
|
</P>
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- P A R A M E T E R S -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
<BR>
|
|
<H3>Parameters</H3>
|
|
<DL>
|
|
<!-- ============================================================== -->
|
|
<!-- storageMechanism -->
|
|
<!-- ============================================================== -->
|
|
<DT>
|
|
<STRONG>storageMechanism</STRONG> (Input)
|
|
<DD>The storage mechanism to use when removing the identity
|
|
context information.
|
|
For the format of the structure, see <A
|
|
href="ictxstoragemech.htm">
|
|
ictxStorageMech--Identity Context Storage Mechanism Parameter</A>.
|
|
<BR>
|
|
<BR>
|
|
<!-- ============================================================== -->
|
|
<!-- errorInfo -->
|
|
<!-- ============================================================== -->
|
|
<DT>
|
|
<STRONG>errorInfo</STRONG> (Output)
|
|
<DD>The structure in which to return error code information. If the return
|
|
value is not 0, <EM>errorInfo</EM> is set with additional information. This
|
|
parameter may be NULL. For the format of the structure, see <A
|
|
href="ictxerror.htm">ictxError--Identity
|
|
Context Return Code Parameter</A>.
|
|
<BR>
|
|
<BR>
|
|
</DD>
|
|
</DL>
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- R E T U R N V A L U E -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
<BR>
|
|
<H3>Return Value</H3>
|
|
<P>The return value from the API.</P>
|
|
<DL>
|
|
<!-- ============================================================== -->
|
|
<!-- 0 -->
|
|
<!-- ============================================================== -->
|
|
<DT>
|
|
<STRONG>0</STRONG>
|
|
<DD>Request was successful.
|
|
<BR>
|
|
<BR>
|
|
<!-- ============================================================== -->
|
|
<!-- Errors -->
|
|
<!-- ============================================================== -->
|
|
<DT>
|
|
<STRONG>ICTXERR_PARM_REQ (1)</STRONG>
|
|
<DD>Missing required parameter. Please check API documentation.
|
|
<BR>
|
|
<BR>
|
|
<DT>
|
|
<STRONG>ICTXERR_NOMEM (2)</STRONG>
|
|
<DD>No memory available. Unable to allocate required space.
|
|
<BR>
|
|
<BR>
|
|
<DT>
|
|
<STRONG>ICTXERR_EIM (3)</STRONG>
|
|
<DD>Error occurred using EIM interfaces.
|
|
<BR>
|
|
<BR>
|
|
<DT>
|
|
<STRONG>ICTXERR_STORAGEMECH_NOT_SUPPORTED (5)</STRONG>
|
|
<DD>The storage mechanism is not a supported storage
|
|
mechanism.
|
|
<BR>
|
|
<BR>
|
|
|
|
<DT>
|
|
<STRONG>ICTXERR_STORAGEMECH_INVALID (28)</STRONG>
|
|
<DD>Storage mechanism parameter is not valid.
|
|
A required parameter may be missing.
|
|
<BR>
|
|
<BR>
|
|
|
|
</DD>
|
|
</DL>
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- U S A G E N O T E S -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- E S E R V E R N O T E S -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
<BR>
|
|
<h3>
|
|
<a name="eserver_notes">eServer Implementation Notes</a>
|
|
</h3>
|
|
<ol>
|
|
<li>
|
|
<strong>AIX implementation details:</strong>
|
|
<ul>
|
|
<li>
|
|
Authority: None
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
<li>
|
|
<strong>Linux implementation details:</strong>
|
|
<ul>
|
|
<li>
|
|
Authority: None
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
<li>
|
|
<strong>i5/OS implementation details:</strong><br>
|
|
|
|
<ul>
|
|
<li>
|
|
Service Program Name: QSYS/QSYICTX<br>
|
|
</li>
|
|
<li>
|
|
Authority: Default public authority *USE
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
<li>
|
|
<strong>Windows implementation details:</strong>
|
|
<ul>
|
|
<li>
|
|
Authority: Users must have administrative privilege to
|
|
install and work with the APIs.
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
<li>
|
|
<strong>z/OS implementation details:</strong><br>
|
|
|
|
<ul>
|
|
<li>
|
|
Authority: The caller of the API must be APF-authorized.
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
</ol>
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- R E L A T E D I N F O R M A T I O N -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
<BR>
|
|
<H3>Related Information</H3>
|
|
<UL>
|
|
<LI>
|
|
<A
|
|
href="ictxstoreidcontext.htm">ictxStoreIdContext()</A>
|
|
--Store Identity Context<BR>
|
|
<BR>
|
|
</LI>
|
|
<LI>
|
|
<A
|
|
href="ictxretrieveidcontext.htm">ictxRetrieveIdContext()</A>
|
|
--Retrieve Identity Context<BR>
|
|
<BR>
|
|
</LI>
|
|
<LI>
|
|
<A
|
|
href="ictxremoveidcontext.htm">ictxRemoveIdContext()</A>
|
|
--Remove Identity Context<BR>
|
|
<BR>
|
|
</LI>
|
|
<LI>
|
|
<A
|
|
href="ictxfreeidcontext.htm">ictxFreeIdContext()</A>
|
|
--Free Identity Context Storage<BR>
|
|
<BR>
|
|
</LI>
|
|
<LI>
|
|
<A
|
|
href="ictxfreeidcontextcredential.htm">ictxFreeIdContextCredential()</A>
|
|
--Free Identity Context Credential<BR>
|
|
<BR>
|
|
</LI>
|
|
</UL>
|
|
<BR>
|
|
<BR>
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- E X A M P L E -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
<BR>
|
|
<h3>
|
|
Example
|
|
</h3>
|
|
<p>
|
|
The following example removes expired identity contexts.
|
|
<b>Note:</b> Read the <a href="codedisclaimer.htm">Code example disclaimer</a>
|
|
for important legal information.
|
|
</p>
|
|
<pre>
|
|
#include <ictx.h>
|
|
#include <string.h>
|
|
|
|
|
|
int removeExpired()
|
|
{
|
|
int rc;
|
|
|
|
ictxStorageMech_t storageMech;
|
|
ictxError_t errorInfo;
|
|
|
|
/*----------------------------------------------------------------*/
|
|
/* EIM variables */
|
|
/*----------------------------------------------------------------*/
|
|
char eimerr[200];
|
|
EimRC * err;
|
|
EimHandle handle;
|
|
char * ldapURL =
|
|
"ldap://eimsystem:389/ibm-eimDomainName=myEimDomain,o=mycompany,c=us";
|
|
EimConnectInfo con;
|
|
|
|
/*----------------------------------------------------------------*/
|
|
/* EIM Setup: For the storage mechanism we will use EIM so we */
|
|
/* need to get a connected EIM handle. */
|
|
/*----------------------------------------------------------------*/
|
|
/* EIM: Set up error structure for EIM use */
|
|
/*----------------------------------------------------------------*/
|
|
memset(eimerr,0x00,200);
|
|
err = (EimRC *)eimerr;
|
|
err->memoryProvidedByCaller = 200;
|
|
|
|
/*----------------------------------------------------------------*/
|
|
/* EIM: Create a new eim handle using a specified URL */
|
|
/*----------------------------------------------------------------*/
|
|
if (0 != (rc = eimCreateHandle(&handle, ldapURL, err)))
|
|
{
|
|
.
|
|
.
|
|
.
|
|
return -1;
|
|
}
|
|
|
|
/*----------------------------------------------------------------*/
|
|
/* EIM: Set up EIM connection information */
|
|
/*----------------------------------------------------------------*/
|
|
con.type = EIM_SIMPLE;
|
|
con.creds.simpleCreds.protect = EIM_PROTECT_NO;
|
|
con.creds.simpleCreds.bindDn = "cn=admin";
|
|
con.creds.simpleCreds.bindPw = "secret";
|
|
con.ssl = NULL;
|
|
|
|
/*----------------------------------------------------------------*/
|
|
/* EIM: Connect to LDAP URL defined by handle with specified */
|
|
/* connection credentials */
|
|
/*----------------------------------------------------------------*/
|
|
if (0 != (rc = eimConnect(&handle, con, err)))
|
|
{
|
|
eimDestroyHandle(&handle, err);
|
|
.
|
|
.
|
|
.
|
|
return -1;
|
|
}
|
|
|
|
/*----------------------------------------------------------------*/
|
|
/* Set up authentication information */
|
|
/*----------------------------------------------------------------*/
|
|
storageMech.format = ICTX_STORAGE_MECH_EIM_0;
|
|
storageMech.storageMech.format0.eimHandle = &handle;
|
|
|
|
/*----------------------------------------------------------------*/
|
|
/* Retrieve authentication context */
|
|
/*----------------------------------------------------------------*/
|
|
if (0 != (rc = ictxRemovedExpiredIdContexts(&storageMech,
|
|
&errorInfo)))
|
|
{
|
|
eimDestroyHandle(&handle, err);
|
|
.
|
|
.
|
|
.
|
|
return -1;
|
|
}
|
|
|
|
eimDestroyHandle(&handle, err);
|
|
|
|
return 0;
|
|
}
|
|
|
|
</pre>
|
|
<!-- ============================================================== -->
|
|
<!-- The End -->
|
|
<!-- ============================================================== -->
|
|
<hr>
|
|
<center>
|
|
<table cellpadding="2" cellspacing="2">
|
|
<tr align="center">
|
|
<td valign="middle" align="center">
|
|
<a href="#Top_Of_Page">Top</a> |
|
|
<a href="sec.htm">Security APIs</a> |
|
|
<a href="aplist.htm">APIs by category</a></td>
|
|
</tr>
|
|
</table>
|
|
</center>
|
|
</BODY>
|
|
</HTML>
|