
Authorization

Authorization is the process of checking a client's permissions to an object that is controlled by the server. Access checking is entirely a server responsibility and involves matching the client's credentials against the permissions associated with the object. A client's credentials consist of the principal ID and group memberships contained in the client's network login context.

Authenticated RPC supports the following options for making client authorization information available to servers for access checking:

rpc_c_authz_none
No authorization information is provided to the server, usually because the server does not perform access checking.

rpc_c_authz_name
Only the client principal name is provided to the server. The server can then perform authorization based on the provided name. This form of authorization is sometimes referred to as name-based authorization.

rpc_c_authz_dce
The client's credentials (DCE Privilege Attribute Certificate or PAC) are provided to the server with each remote procedure call that is made using the binding parameter. The server performs authorization by using the client credentials. Generally, access is checked against DCE ACLs.

When a client establishes authenticated RPC, it must indicate which authorization option it wants to use.

It is the server's responsibility to implement the type of authorization appropriate for the objects that it controls. When the server calls rpc_binding_inq_auth_caller( ) to return information about an authenticated client, it gets back either the client's principal name or a pointer to the data structure that contains the client's credentials. The value that is returned depends on which type of authorization the client specified on its call to establish authenticated RPC with that server.

Each server is responsible for implementing its own access checking by means of ACL managers. When a server receives a client request for an object, the server invokes the ACL manager appropriate for that type of object and passes the manager the client's authorization data. The manager compares the client authorization data to the permissions associated with the object and either refuses or permits the requested operation. In the case of certified (PAC-based) authorization, servers must implement access checking by using the ACL facility provided by the DCE Security Service.

An ACL management API (dce_acl*) is also available.

More:

Name-Based Authorization

DCE Authorization