VMS Help  —  DCE  DCE_SECURITY, API Routines, sec_login_cred_get_delegate
 NAME
   sec_login_cred_get_delegate - Returns a handle to the privilege
                                 attributes of an intermediary in a
                                 delegation chain

 Used by clients.

 SYNOPSIS

 #include <dce/sec_login.h>

 sec_cred_pa_handle_t sec_login_cred_get_delegate(
         sec_login_handle_t login_context,
         sec_cred_cursor_t *cursor,
         error_status_t *status);

 PARAMETERS

 Input

 login_context
        A value of sec_login_handle_t that provides an opaque handle to
        a login context for which delegation has been enabled. The
        sec_login_handle_t that specifies the identity is supplied
        as output of the sec_login_become_delegate() call.

 Input/Output

 cursor
     As input, a pointer to a cursor of type sec_cred_cursor_t that
     has been initialized by the sec_login_cred_init_cursor() call.
     As an output parameter, cursor is a pointer to a cursor of type
     sec_cred_cursor_t that is positioned past the principal whose
     privilege attributes have been returned in this call.

 Output

 status
        A pointer to the completion status.  On successful completion,
        status is assigned error_status_ok.  Otherwise, it returns an
        error.

 DESCRIPTION

 The sec_login_cred_get_delegate() routine returns a handle of type
 sec_login_handle_t to the the privilege attributes of an intermediary
 in a delegation chain that performed an authenticated RPC operation.

 This call is used by clients. Servers use the  sec_cred_get_delegate()
 routine to return the privilege attribute handle of an intermediary in
 a delegation chain.

 The login context identified by login_context contains all members in
 the delegation chain.  This call returns a handle (sec_cred_pa_handle_t)
 to the privilege attributes of one of the delegates in the login
 context.  The sec_cred_pa_handle_t returned by this call is used in
 other sec_cred_get... calls to obtain privilege attribute information
 for a single delegate.

 To obtain the privilege attributes of each delegate in the credential
 handle identified by callers_identity, execute this call until the
 message sec_cred_s_no_more_entries is returned.

 Before you execute sec_login_cred_get_delegate(), you must execute a
 sec_login_cred_init_cursor() call to initialize a cursor of type
 sec_cred_cursor_t.

 Use the sec_cred_free_pa_handle() sec_cred_free_cursor() calls to free
 the resources allocated to the sec_cred_pa_handle_t and cursor.

 FILES
       SYS$COMMON:[DCE$LIBRARY]SEC_LOGIN.IDL
              The idl file from which dce/sec_login.h was derived.

 ERRORS

 sec_cred_s_invalid_cursor

 sec_cred_s_no_more_entries

 error_status_ok

 EXAMPLES

 RELATED INFORMATION

 Functions: sec_intro
            sec_login_cred_init_cursor
            sec_cred_get_pa_date
            sec_cred_get_extended_attrs
            sec_cred_get_v1_pac
            sec_cred_get_tgt_restrictions
            sec_cred_get_deleg_restrictions
            sec_cred_get_opt_restrictions
            sec_cred_get_req_restrictions
            sec_cred_get_delegation_type
Close Help