krb5_get_credentials_validate()--Validate Service Ticket
Syntax
#include <krb5.h> krb5_error_code krb5_get_credentials_validate( krb5_context context, krb5_const krb5_flags options, krb5_ccache ccache, krb5_creds * in_cred, krb5_creds ** out_cred);Service Program Name: QSYS/QKRBGSS
Default Public Authority: *USE
Threadsafe: Yes
The krb5_get_credentials_validate() routine validates a service ticket for the requested service. Upon successful completion, the credentials cache is reinitialized and the service ticket is stored in the cache.
Authorities
Object Referred to | Data Authority Required |
---|---|
Each directory in the path name preceding the credentials cache file | *X |
Credentials cache file | *RW |
Parameters
- context (Input)
- The Kerberos context.
- options (Input)
- The option flags as follows:
KRB5_GC_USER_USER (x'00000001') Obtain a user-to-user ticket.
- ccache (Input)
- The credentials cache to be used.
- in_cred (Input)
- The request credentials. The client and server fields
must be set to the desired values for the service ticket. The
second_ticket field must be set if the service ticket is to be
encrypted in a session key. The ticket expiration time can be set to override
the default expiration time.
- out_cred (Output)
- The service ticket. The krb5_free_creds() routine should be called to release the credentials when they are no longer needed.
Return Value
If no errors occur, the return value is 0. Otherwise, a Kerberos error code is returned.
Error Messages
Message ID | Error Message Text |
---|---|
CPE3418 E | Possible APAR condition or hardware failure. |
API introduced: V5R1
[ Back to top | Security APIs | UNIX-Type APIs | APIs by category ]