rpc_server_register_auth

rpc_server_register_auth_ident(3rpc)

Registers user-to-user based authentication information with the RPC runtime; used by server applications

Synopsis

#include <dce/rpc.h>

void rpc_server_register_auth_ident(

unsigned_char_p_t *server_princ_name,

unsigned32 authn_svc,

rpc_auth_identity_handle_t auth_identity,

unsigned32 *status);

Parameters

Input

server_princ_name
A pointer to the principal name to use for the server when authenticating remote procedure calls. The content of the name and its syntax is defined by the authentication service in use.

authn_svc
Specifies the authentication service to use when the server receives a remote procedure call request. The following authentication services are supported:

rpc_c_authn_none
No authentication.

rpc_c_authn_dce_secret
DCE shared-secret key authentication.

rpc_c_authn_dce_public
DCE public key authentication (reserved for future use).

rpc_c_authn_default
DCE default authentication service.

auth_identity
Specifies a handle for the data structure that contains the client's authentication and authorization credentials appropriate for the selected authentication and authorization services.

When using the rpc_c_authn_dce_secret authentication service and any authorization service, this value must be a sec_login_handle_t, which can be obtained from one of the following routines:

· sec_login_setup_identity( )

· sec_login_get_current_context( )

· sec_login_import_context( )

Specify NULL to use the default security login context for the current address space.

Output

status
Returns the status code from this routine. This status code indicates whether the routine completed successfully or, if not, why not.

Description
The rpc_server_register_auth_ident( ) routine registers an authentication service to use for authenticating remote procedure calls to a particular server principal. This routine is used for user-to-user authentication where the server principal's credentials are available, but not the server principal's long-term key. Use the rpc_server_register_auth_info( ) routine for server-key based authentication.

A server calls this routine once for each authentication service and principal name combination that it wants to register. The authentication service specified by a client (using the rpc_binding_set_auth_info( ) routine) must be one of the authentication services registered by the server. If it is not, the client's remote procedure call request fails with an rpc_s_unknown_authn_service status code.

Return Values
No value is returned.

Errors

The following describes a partial list of errors that might be returned. Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages.

rpc_s_ok
Success

rpc_s_unknown_authn_service
Unknown authentication service.

sec_s_user_to_user_disabled
Account is not allowed to use user-to-user protocol registration.

sec_s_multiple_u2u_req
Server identity has already been registered.

sec_s_svr_type_conflict
Simultaneous registration of both keytable and identity is not supported. Server has already registered with the rpc_server_register_auth_info( ) routine.

Related Information
Functions: rpc_binding_set_auth_info(3rpc)

rpc_server_register_auth_info(3rpc)