krb5_get_credentials_validate()--Validate Service Ticket

Syntax

 #include <krb5.h>

 krb5_error_code krb5_get_credentials_validate(  
     krb5_context     context,
     krb5_const krb5_flags    options,
     krb5_ccache      ccache,
     krb5_creds *       in_cred,
     krb5_creds **      out_cred);

  Service Program Name: QSYS/QKRBGSS

  Default Public Authority: *USE

  Threadsafe: Yes

The krb5_get_credentials_validate() routine validates a service ticket for the requested service. Upon successful completion, the credentials cache is reinitialized and the service ticket is stored in the cache.

Authorities

Object Referred to	Data Authority Required
Each directory in the path name preceding the credentials cache file	*X
Credentials cache file	*RW

Parameters

context (Input)

The Kerberos context.

options (Input)

The option flags as follows:

KRB5_GC_USER_USER (x'00000001')

Obtain a user-to-user ticket.

ccache (Input)

The credentials cache to be used.

in_cred (Input)

The request credentials. The client and server fields must be set to the desired values for the service ticket. The second_ticket field must be set if the service ticket is to be encrypted in a session key. The ticket expiration time can be set to override the default expiration time.

out_cred (Output)

The service ticket. The krb5_free_creds() routine should be called to release the credentials when they are no longer needed.

Return Value

If no errors occur, the return value is 0. Otherwise, a Kerberos error code is returned.

Error Messages

Message ID	Error Message Text
CPE3418 E	Possible APAR condition or hardware failure.

API introduced: V5R1

[ Back to top | Security APIs | UNIX-Type APIs | APIs by category ]