OSF DCE Application Development Guide--Core Components
14.2.3 Authenticated RPC Routines
Authenticated RPC is implemented as a set of related RPC routines. Some of the
routines are for use by clients, some are for use by servers and their managers, and some
are for use by both clients and servers. The authenticated RPC routines are as follows:
rpc_binding_set_auth_info()
A client calls this routine to establish an authentication service,
protection level, and authorization service for a server binding handle.
The client identifies the server by supplying the server’s principal name.
The RPC runtime, in conjunction with the security service, applies the
authentication service and protection level to all subsequent remote
procedure calls made using the binding handle.
rpc_binding_inq_auth_info()
A client calls this routine to return the authentication service, protection
level, and authorization service that are in effect for a specified server
binding handle. This routine also returns the principal name of the
server associated with the binding handle.
rpc_mgmt_inq_dflt_protect_level()
A client or a server calls this routine to learn the default protection level
that is in force for a given authentication service.
rpc_mgmt_inq_server_princ_name()
A client, a server, or a server manager can call this routine to return the
principal name that a server has registered with the RPC runtime via the
rpc_server_register_auth_info() routine. A client can identify the
desired server by supplying a server binding handle and the
authentication service associated with the registered principal name.
rpc_server_register_auth_info()
A server calls this routine to register an authentication service that it
wants to support and the server principal name to be associated with the
registered service. The server can also optionally supply the address of
a key retrieval routine to be called by the security service as part of the
client authentication process. The routine is a user-supplied function
whose purpose is to provide the server’s key to the DCE security
runtime.
Note that the server registers only an authentication service. It does not
establish a protection level or an authorization service. These are the
responsibilities of the client.
rpc_binding_inq_auth_caller()
A server calls this routine to return the authentication service, protection
level, and authorization service that are associated with the binding
handle of an authenticated client. This call also returns the server
principal name specified by the client on its call to
rpc_binding_set_auth_info().
rpc_mgmt_set_authorization_fn()
A server calls this routine to establish a user-supplied authorization
14 − 12 Tandem Computers Incorporated 124245
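Because the client, not the server, sets the protection level and authorization service, a server manager has to compare what rpc_binding_inq_auth_caller() reports against its own minimum before acting on a call. The following C code is an added example, not code from the DCE guide: struct auth_policy, example_policy and caller_meets_policy() are hypothetical names, and the constants and the unsigned32 typedef are local stand-ins assumed to match those in <dce/rpc.h>.

```c
#include <stdio.h>

/* Local stand-ins so this compiles without DCE; with DCE installed, drop
 * these and include <dce/rpc.h>. Values are assumed to match its constants. */
typedef unsigned int unsigned32;
enum { rpc_c_protect_level_default, rpc_c_protect_level_none,
       rpc_c_protect_level_connect, rpc_c_protect_level_call,
       rpc_c_protect_level_pkt, rpc_c_protect_level_pkt_integ,
       rpc_c_protect_level_pkt_privacy };
enum { rpc_c_authn_none = 0, rpc_c_authn_dce_secret = 1 };
enum { rpc_c_authz_none = 0, rpc_c_authz_name = 1, rpc_c_authz_dce = 2 };

/* Hypothetical server policy: the minimum the manager accepts. */
struct auth_policy {
    unsigned32 authn_svc;         /* required authentication service */
    unsigned32 min_protect_level; /* weakest acceptable protection level */
    unsigned32 authz_svc;         /* required authorization service */
};
const struct auth_policy example_policy = {
    rpc_c_authn_dce_secret, rpc_c_protect_level_pkt_integ, rpc_c_authz_dce };

/* Returns 1 if the caller's settings satisfy the policy, 0 otherwise.
 * The three values are the ones rpc_binding_inq_auth_caller() reports for
 * the client binding handle; the client chose the level and the authz. */
int caller_meets_policy(const struct auth_policy *p, unsigned32 authn_svc,
                        unsigned32 protect_level, unsigned32 authz_svc)
{
    if (authn_svc != p->authn_svc)
        return 0;                 /* unauthenticated or wrong service */
    if (protect_level == rpc_c_protect_level_default ||
        protect_level > rpc_c_protect_level_pkt_privacy)
        return 0;                 /* unresolved or unknown level: fail closed */
    if (protect_level < p->min_protect_level)
        return 0;                 /* client asked for weaker protection */
    return authz_svc == p->authz_svc;
}

int main(void)
{
    /* Constructed caller settings, as a manager might see them. */
    printf("connect/name -> %d\n", caller_meets_policy(&example_policy,
           rpc_c_authn_dce_secret, rpc_c_protect_level_connect,
           rpc_c_authz_name));
    printf("privacy/dce  -> %d\n", caller_meets_policy(&example_policy,
           rpc_c_authn_dce_secret, rpc_c_protect_level_pkt_privacy,
           rpc_c_authz_dce));
    return 0;
}
```

A manager would run this check at the top of each remote operation and return an error status to the caller when it fails.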