OSF DCE Application Development Guide--Core Components

The Login API

sec_login_get_current_context(&login_context,&st);

sec_login_inquire_net_info(login_context,&net_info,&st);

for (i=0; i < num_groups; i++)

{

... query whether user wants to discard any current group

memberships. Copy new group set to new_groups array ...

}

if (!sec_login_newgroups(login_context,sec_login_no_flags,

num_new_groups, new_groups, &restricted_context,&st))

{

if (st == sec_login_s_groupset_invalid)

printf("Newgroupsetinvalid\n");

...application-specific error handling...

}

Note that the sec_login_newgroups( ) call can only return a restricted groupset: it

cannot return a groupset larger than the one associated with the login context that is

passed to it. This routine also enables the calling process to ﬂag the new login context

as private to the calling process.

29.6 Miscellaneous Login API Functions

The following subsections describe a few miscellaneous login API routines, some of

which have appeared previously in examples in this chapter.

29.6.1 Getting the Current Context

The sec_login_get_current_context( ) routine returns a handle to the login context for

the currently established principal. This routine is useful for several login API functions

that take a login context handle as input.

29.6.2 Getting Information from a Login Context

The sec_login_inquire_net_info( ) routine returns a data structure comprising the

principal’s PAC, account expiration date, password expiration date, and identity

expiration date. The sec_login_free_net_info( ) frees the memory allocated to this data

124245 Tandem Computers Incorporated 29−7