Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
SAF user mapping plug-in lookup function – safMappingLookup() z/OS Security Server RACF Macros and Interfaces SA23-2288-00 |
|||||||||||||||||||||||||||||||||||||||||||||||||
FunctionThis function returns SAF user credentials when it can find a mapping from the source user credentials to a SAF user. The source user information and the returned user information can be a user ID, a user ID and password, or some other forms of user credentials. The plug-in implementation might be able to process all types of credentials or just a subset. The default plug-in implementation accepts a source user ID and returns a SAF user ID. The first call to safMappingLookup() must be preceded by a call to safMappingInit(). Format
Requirements
RACF® authorizationThe calling application does not require special authorization before calling safMappingLookup() when you use the default SAF user mapping plug-in implementation. However, the calling application requires authorization to create a mapping handle. See SAF user mapping plug-in initialization function – safMappingInit() for more information. Note: Other SAF user mapping plug-in implementations might have different
authorization requirements.
Usage notesThe safMappingLookup() parameters behave as follows:
Function return valuesThe safMappingLookup() function returns a number of pieces of information to help you with problem determination. The SAF return value, the plug-in return code (mErr->mpiReturnCode), the plug-in reason code (mErr->mpiReasonCode), and an error string (mErr->message) are returned by the plug-in interface code or the plug-in implementation. In addition, the version of the plug-in interface (mErr->mpiVersion) and any plug-in implementation specific data (mErr->mpiInfo) can be found in the SafmapErr structure. Special processing occurs for parameter errors (mErr->mpiReturnCode == SAFMAP_ERROR_PARMERR) and unsupported credential types (mErr->mpiReturnCode == SAFMAP_ERROR_NOTSUP). The plug-in reason code (mErr->mpiReasonCode) contains a number identifying which parameter in the parameter list is in error. The cleanup of the connection with the plug-in implementation occurs when the SAF return value is SAFMAP_ERROR or SAFMAP_SEVERE. The SAF return values and the plug-in return codes (mErr->mpiReturnCode) are listed in the following table. These SAF return values and plug-in return codes are standard across the plug-in implementations. The plug-in reason code (mErr->mpiReasonCode) is unique to the plug-in implementation, except as previously noted.
|
Copyright IBM Corporation 1990, 2014
|