OSF DCE Application Development Guide--Core Components

ManualsBrandsHP ManualsServerHP NonStop G-Series

241

242

243

244

245

246

247

248

249

250

RPC and Other DCE Components

function to validate remote client calls to the server’s management

routines. For example, the user function can call

rpc_binding_inq_auth_caller( ) to return authentication and

authorization information about the calling client. The RPC runtime

calls the user-supplied function whenever it receives a client request to

execute one of the following server management routines:

• rpc_mgmt_inq_if_ids( )

• rpc_mgmt_inq_server_princ_name()

• rpc_mgmt_inq_stats()

• rpc_mgmt_is_server_listening( )

• rpc_mgmt_stop_server_listening( )

When an unauthenticated client calls a server that has speciﬁed authentication, the RPC

runtime will not perform any authentication, and the call will reach the application

manager code. It is up to the manager to decide how to deal with the unauthenticated

call.

Typically, servers and clients establish authentication as follows:

• The server speciﬁes an authentication service for a principal identity under which it

runs by calling rpc_server_register_auth_info(). The authentication service is

speciﬁed by the authn_svc parameter of this call. Currently, servers may specify

either DCE secret key authentication (by supplying either rpc_c_authn_dce_secret

or rpc_c_authn_default) or no authentication (by supplying rpc_c_authn_none).

The speciﬁed authentication service will be used if it is also requested by the client.

• The client sets authentication for a binding handle by calling

rpc_binding_set_auth_info( ). The choices are also currently either DCE secret key

or no authentication. Client calls made on the binding handle attempt to use the

speciﬁed authentication service.

• The server manager code calls rpc_binding_inq_auth_caller() to extract any

authorization information from the client binding for the call.

14.3 Directory Services and RPC: Using the Namespace

This section discusses how the DCE RPC NSI conﬁgures directory service entries and

how RPC applications can use those entries. The following topics are included:

• Directory service entries deﬁned by NSI

Describes the kinds of directory service entries NSI deﬁnes.

• Searching the namespace

Describes how the namespace is searched when a client requests binding

information.

• Strategies for using directory service entries

124245 Tandem Computers Incorporated 14− 13