OSF DCE Application Development Guide--Core Components

OSF DCE Application Development Guide—Core Components

• sec_id_compat_mode_initiator

Compatibility mode is on. The pre-Version 1.1 PAC data is extracted from the EPAC

of the delegation initiator.

• sec_id_compat_mode_caller

Compatibility mode is on. The pre-Version 1.1 PAC data extracted from the EPAC of

the last intermediary in the delegation chain.

26.3 Calls to Extract Privilege Attribute Information

The EPA API sec_cred_*() and login API sec_login_cred_*() calls extract privilege

attribute information. These calls return information associated with an opaque handle to

an authenticated identity.

The sec_cred_*() calls are used by servers that have been called by a client with

authenticated credentials. The calls and the information they return are as follows:

• sec_cred_get_authz_session_info( )

Returns a client’s authorization information

• sec_cred_get_client_princ_name( )

Returns the principal name of the client

• sec_cred_get_deleg_restrictions( )

Returns delegate restrictions

• sec_cred_get_delegate( )

Returns a credential handle to the privilege attributes of a delegate in a delegation

chain

• sec_cred_get_delegation_type( )

Returns the delegation type

• sec_cred_get_extended_attrs( )

Returns extended attributes

• sec_cred_get_initiator()

Returns a credential handle to the privilege attributes of the initiator of a delegation

chain

• sec_cred_get_opt_restrictions()

Returns optional restrictions

• sec_cred_get_pa_data()

Returns privilege attributes from a credential handle

26−8 Tandem Computers Incorporated 124245