UNIX Authentication
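A process calling a remote procedure might need to identify itself as it is identified on the UNIX system. In that case, the discriminant of the credential in the RPC call message is AUTH_UNIX, and the credential has the following structure:
```
struct auth_unix {
    unsigned stamp;            /* arbitrary ID chosen by the caller */
    string machinename<255>;   /* at most 255 bytes */
    unsigned uid;              /* effective user ID */
    unsigned gid;              /* effective group ID */
    unsigned gids<10>;         /* counted array, at most 10 entries */
};
```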
The parameters in the structure are defined as follows:
Item | Description |
---|---|
stamp | Specifies the arbitrary ID generated by the caller's workstation. |
machinename | Specifies the name of the caller's workstation. The name must not exceed 255 bytes in length. |
uid | Specifies the caller's effective user ID. |
gid | Specifies the caller's effective group ID. |
gids | Specifies the counted array of group IDs that contain the caller as a member. A maximum of 10 groups is allowed. |
The verifier accompanying the credentials should be AUTH_NULL.
The value of the discriminant in the response verifier of the reply message from the server is either AUTH_NULL or AUTH_SHORT. If the value is AUTH_SHORT, the bytes of the response verifier's string encode an opaque structure. The new opaque structure can then be passed to the server in place of the original AUTH_UNIX credentials. The server maintains a cache that maps shorthand opaque structures (passed back by way of an AUTH_SHORT-style response verifier) to the original credentials of the caller. The caller saves network bandwidth and server CPU time when the shorthand credentials are used.
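
The following server-side decoder for the AUTH_UNIX credential body described above is an added example, not code from the original page or from any RPC library. It assumes standard XDR encoding (big-endian 4-byte words, strings padded to a 4-byte boundary); the names `auth_unix_cred`, `decode_auth_unix`, `get_u32` and `sample_cred` are hypothetical. It rejects credentials that exceed the 255-byte and 10-group limits, are truncated, or carry trailing bytes.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_NAME 255   /* machinename limit from the table above */
#define MAX_GIDS 10    /* gids limit from the table above */

struct auth_unix_cred {             /* decoded form; hypothetical name */
    uint32_t stamp, uid, gid, ngids;
    uint32_t gids[MAX_GIDS];
    char     machinename[MAX_NAME + 1];
};

/* Constructed sample: stamp 42, machinename "ws1", uid 1000, gid 100, gids {100, 10}. */
const uint8_t sample_cred[] = {
    0,0,0,42,  0,0,0,3,  'w','s','1',0,  0,0,3,0xe8,
    0,0,0,100, 0,0,0,2,  0,0,0,100,      0,0,0,10 };

/* Read one big-endian XDR unsigned; 0 on success, -1 if the buffer is short. */
static int get_u32(const uint8_t **p, size_t *left, uint32_t *out)
{
    if (*left < 4) return -1;
    *out = ((uint32_t)(*p)[0] << 24) | ((uint32_t)(*p)[1] << 16) |
           ((uint32_t)(*p)[2] << 8) | (uint32_t)(*p)[3];
    *p += 4; *left -= 4;
    return 0;
}

/* Decode an AUTH_UNIX credential body; 0 if well formed, -1 otherwise. */
int decode_auth_unix(const uint8_t *buf, size_t len, struct auth_unix_cred *c)
{
    uint32_t n, padded, i;
    memset(c, 0, sizeof *c);
    if (get_u32(&buf, &len, &c->stamp) || get_u32(&buf, &len, &n)) return -1;
    if (n > MAX_NAME) return -1;                 /* name over 255 bytes */
    padded = (n + 3u) & ~3u;                     /* XDR pads strings to 4 bytes */
    if (len < padded || memchr(buf, 0, n)) return -1;  /* short, or embedded NUL */
    memcpy(c->machinename, buf, n);
    buf += padded; len -= padded;
    if (get_u32(&buf, &len, &c->uid) || get_u32(&buf, &len, &c->gid) ||
        get_u32(&buf, &len, &n)) return -1;
    if (n > MAX_GIDS) return -1;                 /* more than 10 groups */
    for (i = 0; i < n; i++)
        if (get_u32(&buf, &len, &c->gids[i])) return -1;
    c->ngids = n;
    return len == 0 ? 0 : -1;                    /* reject trailing bytes */
}
```

A return of 0 shows only that the credential is well formed. Because the accompanying verifier is AUTH_NULL, the uid, gid and gids values remain the caller's own claims.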