gss_inquire_cred_by_mech()--Get Information About GSS Credential for Single Security Mechanism
Syntax
#include <gssapi.h> OM_uint32 gss_inquire_cred_by_mech ( OM_uint32 * minor_status, gss_cred_id_t cred_handle, gss_OID mech_type, gss_name_t * name, OM_uint32 * init_lifetime, OM_uint32 * accept_lifetime, gss_cred_usage_t * cred_usage);Service Program Name: QSYS/QKRBGSS
Default public authority: *USE
Threadsafe: Yes
The gss_inquire_cred_by_mech() function returns information about a GSS credential for a single security mechanism. The information is obtained using the specified security mechanism.
Parameters
- minor_status (Output)
- A status code from the security mechanism.
- cred_handle (Input)
- The handle for the GSS credential. Specify
GSS_C_NO_CREDENTIAL to get information about the default
credential for the default security mechanism.
- mech_type (Input)
- The mechanism to be used to obtain the returned information as follows:
gss_mech_krb5_old Beta Kerberos V5 mechanism gss_mech_krb5 Kerberos V5 mechanism
- name (Output)
- The principal name associated with the credential. Specify
NULL for this parameter if the principal name is not
required.
- init_lifetime (Output)
- The number of seconds for which the credential remains valid for initiating
contexts. Specify NULL for this parameter if the credential
lifetime is not required.
- accept_lifetime (Output)
- The number of seconds for which the credential remains valid for accepting
contexts. Specify NULL for this parameter if the credential
lifetime is not required.
- cred_usage (Output)
- One of the following values describing how the application can use the
credential. Specify NULL for this parameter if the credential
usage is not required.
GSS_C_ACCEPT The application may accept a security context. GSS_C_BOTH The application may both initiate and accept security contexts. GSS_C_INITIATE The application may initiate a security context.
Return Value
The return value is one of the following status codes:
- GSS_S_BAD_MECH
- The requested mechanism is not supported.
- GSS_S_COMPLETE
- The routine completed successfully.
- GSS_S_CREDENTIALS_EXPIRED
- The credentials have expired. Credential information will still be returned
for an expired credential, but the lifetime value will be returned as
zero.
- GSS_S_DEFECTIVE_CREDENTIAL
- The credentials are not valid.
- GSS_S_FAILURE
- The routine failed for reasons that are not defined at the GSS level. The
minor_status return parameter contains a mechanism-dependent error
code describing the reason for the failure.
- GSS_S_NO_CRED
- The cred_handle parameter does not refer to a valid credential or there are no default credentials available.
Authorities
Object Referred to | Data Authority Required |
---|---|
Each directory in the path name preceding the configuration file | *X |
Configuration file | *R |
Error Messages
Message ID | Error Message Text |
---|---|
CPE3418 E | Possible APAR condition or hardware failure. |
API introduced: V5R1
[ Back to top | Security APIs | UNIX-Type APIs | APIs by category ]