OSF DCE Application Development Guide--Core Components
Chapter 31. The Access Control List APIs
As a rule, DCE Security Service interfaces are local client-side APIs only. The access
control list (ACL) facility includes this kind of interface, and some others as well, as
follows:
• The DCE client ACL interface, sec_acl_*(), is a local interface that calls a client-
side implementation of the ACL network interface. It enables clients to browse or
edit DCE ACLs.
• The DCE server ACL manager library, dce_acl_*(), enables servers to perform
DCE-conformant authorization checks at runtime. This ACL library provides an
implementation of the ACL manager interface and the ACL network interface. It
supports the development of ACL managers for DCE servers.
• The DCE ACL network interface, rdacl_*(), enables servers that manage access
control to communicate with sec_acl-based clients.
Figure 31-1 provides a schematic view of the relationships and usage of these interfaces,
as well as some relevant RPC interfaces. This chapter first discusses the client API, and
then the two server program interfaces.
124245 Tandem Computers Incorporated 31−1