gss_inquire_cred()--Get Information About GSS Credential


  Syntax 
 #include <gssapi.h>

 OM_uint32 gss_inquire_cred (
     OM_uint32 *    minor_status,
     gss_cred_id_t      cred_handle,  
     gss_name_t *   name,
     OM_uint32 *    lifetime,
     gss_cred_usage_t *   cred_usage,  
     gss_OID_set *    mechanisms);
  Service Program Name: QSYS/QKRBGSS

  Default public authority: *USE

  Threadsafe: Yes

The gss_inquire_cred() function returns information about a GSS credential to the calling application. If GSS_C_NO_CREDENTIAL is specified for the cred_handle parameter, the default security mechanism is used to process the request.


Parameters

minor_status  (Output)
A status code from the security mechanism.

cred_handle  (Input)
The handle for the GSS credential. Specify GSS_C_NO_CREDENTIAL to get information about the default credential for the default security mechanism.

name  (Output)
The principal name associated with the credential. Specify NULL for this parameter if the principal name is not required.

lifetime  (Output)
The number of seconds for which the credential remains valid. The returned value is zero if the credential has expired. Specify NULL for this parameter if the credential lifetime is not required.

cred_usage  (Output)
One of the following values describing how the application can use the credential. Specify NULL for this parameter if the credential usage is not required.

GSS_C_INITIATE The application may initiate a security context.
GSS_C_ACCEPT The application may accept a security context.
GSS_C_BOTH The application may both initiate and accept security contexts.


mechanisms  (Output)
The set of security mechanisms supported by the credential. Specify NULL for this parameter if the mechanism set is not required. The gss_OID_set returned for this parameter should be released when it is no longer needed by calling the gss_release_oid_set() routine.

Return Value

The return value is one of the following status codes:

GSS_S_COMPLETE
The routine completed successfully.

GSS_S_CREDENTIALS_EXPIRED
The credentials have expired. Credential information is still returned for an expired credential, but the lifetime value is returned as zero.

GSS_S_DEFECTIVE_CREDENTIAL
The credentials are not valid.

GSS_S_FAILURE
The routine failed for reasons that are not defined at the GSS level. The minor_status return parameter contains a mechanism-dependent error code describing the reason for the failure.

GSS_S_NO_CRED
The cred_handle parameter does not refer to a valid credential or there are no default credentials available.


Authorities

Object Referred to Data Authority Required
Each directory in the path name preceding the configuration file *X
Configuration file *R
Each directory in the path name preceding the credential cache file *X
Credential cache file *RW


Error Messages

Message ID Error Message Text
CPE3418 E Possible APAR condition or hardware failure.

API introduced: V5R1

[ Back to top | Security APIs | UNIX-Type APIs | APIs by category ]