o cred_name INTERNAL NAME,
o lifetime_rec INTEGER -in seconds, or reserved value for INDEFINITE
o cred_usage INTEGER, -0=INITIATE-AND-ACCEPT, 1=INITIATE-ONLY, 2=ACCEPT-ONLY
o mech_set SET OF OBJECT IDENTIFIER
Return major_status codes:
o GSS_COMPLETE indicates that the credentials referenced by the
input cred_handle argument were valid, and that the output
cred_name, lifetime_rec, and cred_usage values represent,
respectively, the credentials' associated principal name,
remaining lifetime, suitable usage modes, and supported
mechanism types.
RFC 1508 Generic Security Interface September 1993
o GSS_NO_CRED indicates that no information could be returned
about the referenced credentials, either because the input
cred_handle was invalid or because the caller lacks
authorization to access the referenced credentials.
o GSS_FAILURE indicates that the release operation failed for
reasons unspecified at the GSS-API level.
The GSS_Inquire_cred() call is defined primarily for the use of
those callers which make use of default credentials rather than
acquiring credentials explicitly with GSS_Acquire_cred(). It enables
callers to determine a credential structure's associated principal
name, remaining validity period, usability for security context
initiation and/or acceptance, and supported mechanisms.
2.2. Context-level calls
This group of calls is devoted to the establishment and management of
security contexts between peers. A context's initiator calls
GSS_Init_sec_context(), resulting in generation of a token which the
caller passes to the target. At the target, that token is passed to
GSS_Accept_sec_context(). Depending on the underlying mech_type and
specified options, additional token exchanges may be performed in the
course of context establishment; such exchanges are accommodated by
GSS_CONTINUE_NEEDED status returns from GSS_Init_sec_context() and
GSS_Accept_sec_context(). Either party to an established context may
invoke GSS_Delete_sec_context() to flush context information when a
context is no longer required. GSS_Process_context_token() is used
to process received tokens carrying context-level control
information. GSS_Context_time() allows a caller to determine the
length of time for which an established context will remain valid.
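
The token-relay loop described above, as an added example that is not part of the RFC text. ToyInitiator, ToyAcceptor, establish() and the three-token HMAC mechanism are hypothetical stand-ins for a real mech_type; only the status names come from this document, and their numeric values are arbitrary.

```python
import hashlib, hmac, os

# Status names are the page's; the numeric values are arbitrary for this sketch.
GSS_COMPLETE, GSS_CONTINUE_NEEDED, GSS_FAILURE = 0, 1, 2

def mac(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

class ToyInitiator:
    """Hypothetical stand-in for GSS_Init_sec_context() over a toy mechanism."""
    def __init__(self, key):
        self.key, self.nonce = key, os.urandom(16)

    def init_sec_context(self, input_token=None):
        if input_token is None:              # first call: nothing received yet
            return GSS_CONTINUE_NEEDED, self.nonce
        proof, peer_nonce = input_token[:32], input_token[32:]
        if not hmac.compare_digest(proof, mac(self.key, b"A", self.nonce)):
            return GSS_FAILURE, None         # target failed to authenticate
        return GSS_COMPLETE, mac(self.key, b"I", peer_nonce)

class ToyAcceptor:
    """Hypothetical stand-in for GSS_Accept_sec_context() over the same mechanism."""
    def __init__(self, key):
        self.key, self.nonce, self.first = key, os.urandom(16), True

    def accept_sec_context(self, input_token):
        if self.first:                       # first token carries the initiator nonce
            self.first = False
            return GSS_CONTINUE_NEEDED, mac(self.key, b"A", input_token) + self.nonce
        ok = hmac.compare_digest(input_token, mac(self.key, b"I", self.nonce))
        return (GSS_COMPLETE if ok else GSS_FAILURE), None

def establish(initiator, acceptor, max_calls=4):
    """Relay tokens until both sides complete, one fails, or the bound is hit.
    Returns (initiator_status, acceptor_status, tokens_relayed)."""
    i_status = a_status = GSS_CONTINUE_NEEDED
    token, relayed = None, 0
    for _ in range(max_calls):
        i_status, token = initiator.init_sec_context(token)
        if i_status == GSS_FAILURE:
            break                            # acceptor state is now stale; discard it
        if token is not None:
            relayed += 1
            a_status, token = acceptor.accept_sec_context(token)
            relayed += token is not None
        if a_status == GSS_FAILURE or i_status == a_status == GSS_COMPLETE:
            break
    return i_status, a_status, relayed
```

When the initiator fails partway through, the acceptor is left holding partial context state in GSS_CONTINUE_NEEDED; that is the state GSS_Delete_sec_context() is meant to flush.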
2.2.1. GSS_Init_sec_context call
Inputs:
o claimant_cred_handle OCTET STRING, -NULL specifies "use default"
o input_context_handle INTEGER, -0 specifies "none assigned yet"
o targ_name INTERNAL NAME,
o mech_type OBJECT IDENTIFIER, -NULL parameter specifies "use default"
o deleg_req_flag BOOLEAN,
o mutual_req_flag BOOLEAN,
o replay_det_req_flag BOOLEAN,
o sequence_req_flag BOOLEAN,
o lifetime_req INTEGER, -0 specifies default lifetime
o chan_bindings OCTET STRING,
o input_token OCTET STRING -NULL or token received from target
Outputs:
o major_status INTEGER,
o minor_status INTEGER,