The optional authentication token data (
X'12F6')
GDS variable is used to convey authentication tokens on a conversation
before user data. The layout of the authentication token is as follows:
- Byte
- Meaning
- 0–1
- Length (p+1), in binary, of authentication token data GDS variable,
including this length field
- 2–3
- GDS ID: X'12F6'
- 4–5
- Header Length: length of authentication header. Valid values are
0 to n-5.
- 6–n
- SNA specific header
- 6
- Header byte bit 0 has the following meaning:
- B'0'
- Token exchanges are to continue using the conversation's session.
- B'1'
- Additional token exchanges for this conversation are to be performed
using the distributed authentication service TP. If on, the associated
FMH5 must contain a valid conversation correlator.
- 7
- Length of security mechanism object identifier. Valid values are
0 to 32.
- 8—m
- BER encoded form of the security mechanism's object identifier.
Only required in initial flow from Attach sender. If omitted, associated
length contains 0.
The rest of the SNA specific header is reserved.
- n+1–n+2
- Length of the generic security services (GSS) API authentication
token. Valid values are 0 – 24 576. A length of 0 is referred to as
a null token.
- n+3–p
- A string of bytes containing the GSS-API authentication token.