#include <krb5.h> krb5_error_code gss_export_cred ( OM_uint32 * minor_status, gss_cred_id_t cred_handle, gss_buffer_t cred_token)Service Program Name: QSYS/QKRBGSS
The gss_export_cred() routine creates a credential token for a GSS-API credential. This credential token can then be given to another process on the same system or on a different system. This second process calls gss_import_cred() to create a GSS-API credential from the credential token. In order to use the credential on a different system, the security mechanism must allow the credential to be used from any system. In the case of the Kerberos security mechanism, this means the Kerberos ticket must not contain a client address list.
A credential can be exported only if it is an initiate credential (GSS_C_INITIATE was specified when the credential was created). The major status will be set to GSS_S_NO_CRED if the credential is not an initiate credential. The credential remains available upon completion of the export operation and can be used in subsequent GSS-API operations. The credential token created by one implementation of GSS-API cannot be used with a different implementation of GSS-API.
The return value is one of the following status codes:
None.
Message ID | Error Message Text |
---|---|
CPE3418 E | Possible APAR condition or hardware failure. |
CPFA081 E | Unable to set return value or error code. |
[ Back to top | Security APIs | UNIX-Type APIs | APIs by category ]