gss_inquire_cred()--Get Information About GSS Credential
Syntax
#include <gssapi.h> OM_uint32 gss_inquire_cred ( OM_uint32 * minor_status, gss_cred_id_t cred_handle, gss_name_t * name, OM_uint32 * lifetime, gss_cred_usage_t * cred_usage, gss_OID_set * mechanisms);Service Program Name: QSYS/QKRBGSS
Default public authority: *USE
Threadsafe: Yes
The gss_inquire_cred() function returns information about a GSS credential to the calling application. If GSS_C_NO_CREDENTIAL is specified for the cred_handle parameter, the default security mechanism is used to process the request.
Parameters
- minor_status (Output)
- A status code from the security mechanism.
- cred_handle (Input)
- The handle for the GSS credential. Specify
GSS_C_NO_CREDENTIAL to get information about the default
credential for the default security mechanism.
- name (Output)
- The principal name associated with the credential. Specify
NULL for this parameter if the principal name is not
required.
- lifetime (Output)
- The number of seconds for which the credential remains valid. The returned
value is zero if the credential has expired. Specify NULL for
this parameter if the credential lifetime is not required.
- cred_usage (Output)
- One of the following values describing how the application can use the
credential. Specify NULL for this parameter if the credential
usage is not required.
GSS_C_INITIATE The application may initiate a security context. GSS_C_ACCEPT The application may accept a security context. GSS_C_BOTH The application may both initiate and accept security contexts.
- mechanisms (Output)
- The set of security mechanisms supported by the credential. Specify NULL for this parameter if the mechanism set is not required. The gss_OID_set returned for this parameter should be released when it is no longer needed by calling the gss_release_oid_set() routine.
Return Value
The return value is one of the following status codes:
- GSS_S_COMPLETE
- The routine completed successfully.
- GSS_S_CREDENTIALS_EXPIRED
- The credentials have expired. Credential information is still returned for
an expired credential, but the lifetime value is returned as zero.
- GSS_S_DEFECTIVE_CREDENTIAL
- The credentials are not valid.
- GSS_S_FAILURE
- The routine failed for reasons that are not defined at the GSS level. The
minor_status return parameter contains a mechanism-dependent error
code describing the reason for the failure.
- GSS_S_NO_CRED
- The cred_handle parameter does not refer to a valid credential or
there are no default credentials available.
Authorities
Object Referred to | Data Authority Required |
---|---|
Each directory in the path name preceding the configuration file | *X |
Configuration file | *R |
Each directory in the path name preceding the credential cache file | *X |
Credential cache file | *RW |
Error Messages
Message ID | Error Message Text |
---|---|
CPE3418 E | Possible APAR condition or hardware failure. |
API introduced: V5R1
[ Back to top | Security APIs | UNIX-Type APIs | APIs by category ]