OSF DCE Application Development Guide--Core Components
OSF DCE Application Development Guide—Core Components
29.4 Importing and Exporting Contexts
Under some circumstances, an application may need two processes to run using the
same login context. A process may acquire its login context in a form suitable for
imparting to another process by calling sec_login_export_context(). This call collects
the login context from the local context cache and loads it into a buffer. Another process
may then call sec_login_import_context() to unpack the buffer and create its own login
context cache to store the imported context. Since the context has already been
validated, the process that imports it may use it immediately. (The CDS clerk is an
example of a context importer.)
These operations are strictly local; that is, the exporting and importing processes must be
running on the same host. In addition, a process cannot export a private context.
29.5 Changing a Groupset
The sec_login_newgroups( ) routine enables a principal to assume the minimum
groupset that is required to accomplish a given task. For example, a user may have
privilege attributes that include membership in an administrative group associated with a
comprehensive permission set, and membership in a user group associated with a more
restricted permission set. Such a user may not want the permissions associated with the
administrative group, except when those permissions are essential to an administrative
task (so as to avoid inadvertent damage to objects that are accessible to members of the
administrative group, but not to members of the user group).
To offer users the capability of removing groups from their groupsets, an application
may use the login API as shown in the following example.
Note: Two of the function calls that appear in the following example,
sec_login_get_current_context( ) and sec_login_inquire_net_info(), are
described in the following section.
29−6 Tandem Computers Incorporated 124245