SaferAPIGetTrustedSignonWithEnv Function

For users to be successfully authenticated by Access Manager, OS signons must exist and be enabled in the current namespace.

The memory for the returned trustedSignonName and trustedDomainName is allocated internally in this API. If the function returns SAFER_SUCCESS, Access Manager calls SaferAPIFreeTrustedSignon to free the memory allocated.

The memory for the returned reqEnvVarList is allocated internally in this API. If the function returns SAFER_INFO_REQUIRED, Access Manager calls SaferAPIFreeBuffer() to free the memory allocated.

You must implement both the SaferAPIGetTrustedSignon and SaferAPIFreeBuffer functions to successfully register the library when SaferAPIGetTrustedSignonWithEnv is implemented. The function SaferAPIGetError is required only if you want specific error messages returned from your plug-in.

Syntax

SaferAPIGetTrustedSignonWithEnv(
   EnvVar             envVar[],                    /*[IN]*/
   char               **reqEnvVarList,             /*[OUT]*/
   void               **trustedSignonName,         /*[OUT]*/
   unsigned long      *trustedSignonNameLength,    /*[OUT]*/
   void               **trustedDomainName,         /*[OUT]*/
   unsigned long      *trustedDomainNameLength,    /*[OUT]*/
   SAFER_USER_TYPE    *userType,                   /*[OUT]*/
   void               **implementerData);          /*[IN/OUT]*/

Parameters for the SaferAPIGetTrustedSignonWithEnv Function

Table 1. Parameters and description for the SaferAPIGetTrustedSignonWithEnv Function

Parameter

Description

[in] envVar

An array of environment variable names and values that were retrieved from the Web server. The end of the array is represented by an entry with a null envVarName and a null envVarValue. Note that the first time this API is called, the envVar array contains only the end of array marker.

[in] reqEnvVarList

A string that contains a comma-separated list of environment variable names that are requested by the Safer implementation. The end of the list must be null-terminated.

[out] trustedSignonName

A sequence of bytes that identifies the currently authenticated user. This value does not need to be null-terminated. This value is mandatory.

[out] trustedSignonNameLength

An integer value that indicates the length of the trustedSignonName. This length should exclude the null terminator, if there is one. This value is mandatory.

[out] trustedDomainName

A sequence of bytes that identifies the domain of the currently authenticated user. You do not need to null-terminate this value. If there is no trustedDomainName, the return is null. This value is optional.

[out] trustedDomainNameLength

An integer value that indicates the length of the trustedDomainName. This length should exclude the null terminator, if there is one. This value is mandatory and must be set to zero if there is no trustedDomainName.

[out] userType

A value that indicates the type of user that Access Manager will authenticate. This value is mandatory.

The following return values are required for Access Manager to successfully authenticate users:
SAFER_NORMAL_USER
A named user. OS signons must exist and be enabled in the current namespace.
SAFER_GUEST_USER
A guest user. A guest user account must exist and be enabled in the current namespace.
SAFER_ANONYMOUS_USER
An anonymous user. An anonymous user account must exist and be enabled in the current namespace.

[in/out] implementerData

A pointer used to preserve implementation-specific data between invocations. An invocation occurs every time Access Manager calls the trusted signon plug-in. This value is valid only if the trusted signon plug-in was invoked and you set a value for it.