krb5_auth_to_rep()--Convert a Kerberos Authenticator

Syntax

 #include <krb5.h>

 krb5_error_code krb5_auth_to_rep(
     krb5_context     context,
     krb5_tkt_authent *     authent,
     krb5_donot_replay *    replay);

  Service Program Name: QSYS/QKRBGSS

  Default Public Authority: *USE

  Threadsafe: Conditional. See Usage Notes.

The krb5_auth_to_rep() function extracts information from ticket authentication data and builds a replay cache entry. This entry can then be used to check for ticket replay by calling the krb5_rc_store() routine to save the entry in the replay cache.

Authorities

No authorities are required.

Parameters

context (Input): The Kerberos context.
authent (Input): The Kerberos authenticator.
replay (Output): The replay entry data. The krb5_rc_free_entry_contents() routine should be called to release the entry data when it is no longer needed.

Return Value

If no errors occur, the return value is 0. Otherwise, a Kerberos error code is returned.

Error Messages

Message ID	Error Message Text
CPE3418 E	Possible APAR condition or hardware failure.

Usage Notes

The Kerberos protocol runtime provides no concurrency control for the authentication context. If the application wants to use the same authentication context in multiple threads, it is the responsibility of the application to serialize access to the authentication context so that only a single thread is accessing the authentication context at any time.

API introduced: V5R1

[ Back to top | Security APIs | UNIX-Type APIs | APIs by category ]