OSF DCE Application Development Guide--Introduction and Style Guide
OSF DCE Application Development Guide—Introduction and Style Guide
status);
/* Get key from local file... */
sec_key_mgmt_get_key(rpc_c_authn_dce_secret,
keytab,
prin_name,
0,
(void**)&keydata,
status);
/* Validate the login context... */
sec_login_validate_identity(login_context,
keydata,
&reset_pwd,
&auth_src,
status);
}
}
The server initialization code need then only make the following calls to establish server
authentication and obtain valid credentials:
/* Register server authentication information... */
rpc_server_register_auth_info(server_principal_name,
rpc_c_authn_dce_secret,
NULL,
KEYTAB,
&status);
/* Assume new identity... */
server_get_identity(server_principal_name,
&login_context,
(unsigned_char_p_t)KEYTAB,
&status);
Once the server has been running for a while, so that credentials may have expired, the
server calls server_renew_identity() before undertaking any task that requires valid
credentials. For example, a server typically needs to call this operation before
attempting to clean up its name space before shutting down.
3.3.7 Default Client Authentication Steps
Once a client has inherited or created a validated identity, the only step required is to
call rpc_binding_set_auth_info(). The client must supply a server principal name as an
argument to this call.
Clients can inquire for the principal identity of a server by calling
rpc_mgmt_inq_server_princ_name( ). If the client does not care about the principal
identity of the server, the returned value can be supplied to
rpc_binding_set_auth_info() without further ado. If the client will only accept certain
3− 14 Tandem Computers Incorporated 124246