Content-type: text/html Man page of sia_validate_user

sia_validate_user

Section: C Library Functions (3)
Index Return to Main Contents
 

NAME

sia_validate_user - perform password validation for SIA (Security Integration Architecture)  

LIBRARY

Standard C library (libc.so and libc.a)  

SYNOPSIS

#include <sia.h>
#include <siad.h>

int sia_validate_user(        sia_collect_func_t *collect,
       int argc,
       char **argv,
       char *hostname,
       char *username,
       char *tty,
       int colinput,
       char *gssapi,
       char *passphrase);
 

PARAMETERS

The collect parameter is a pointer to an SIA collection routine. If this pointer is NULL, no collection is possible. If the pointer is not NULL and the can_collect_input parameter entered during the sia_ses_init() call was zero, then this collection routine cannot be used to prompt for input, but can be used to display warnings or error messages. This parameter is read only. The argc and argv parameters are used by the underlying security mechanisms for generating audit records and initializing database accesses. There should always be at least one argument argv[0] which contains the name of the command or utility issuing a session initialization. These parameters are read only. The hostname parameter is used to determine if the session is being requested by a remote system. If the request is from a remote system, the hostname parameter points to a string containing the remote host information. If information about the requesting remote user is available, the information is in the form "node::user" for DECnet or "[email protected]" for IP. If the remote user information is not available, the information is the remote "host". For local requests, this parameter is passed as a NULL pointer. The username parameter is be set to point to the name or string representing the requesting user if this information is available. Otherwise this parameter is set to NULL. This parameter is read only. The ttyname parameter is set to point to the name or string representing the requesting or active tty if this information is available. Otherwise this parameter is set to NULL. This parameter is read only. The colinput parameter specifies whether the collection of input is allowed during this session. A "1" means yes and "0" means no. This parameter is read only. The gssapi pointer is for future expansion to utilize gss_api datatypes. It is not currently used and should be set to NULL. This parameter is currently read only.
 The passphrase parameter provides a precollected password to the authentication routine. Set this parameter to NULL if no passphrase has been precollected. This parameter is read only. Note that some third-party security mechanisms may fail to validate users when the passphrase has been pre-collected, since those mechanisms may have time-dependent challenge-response dialogues as an authentication requirement. If this parameter is NULL, and a collection routine is provided, and the colinput parameter is non-zero, the passphrase will be gathered through the collection routine if required.  

DESCRIPTION

The sia_validate_user() routine performs password validation by calling sia_ses_init(), sia_ses_reauthent(), and sia_ses_release.  

RETURN VALUES

The sia_val_user() routine returns SIASUCCESS if sia_ses_init(), sia_ses_reauthent(), and sia_ses_release succeed. SIAFAIL is returned if any of the routines fail.  

ERRORS

The errno value is not (normally) set explicitly by sia_* routines. The errno values are those returned from the dynamic loader interface, from dependent (siad_*) routines, or from malloc. Possible errors include resource constraints (no memory) and various authentication failures.  

FILES

/etc/sia/matrix.conf  

RELATED INFORMATION

sia_ses_reauthent(3), sia_ses_release(3), sia_ses_init(3), siad_ses_init(3), siad_init(3), matrix.conf(4)

Security delim off


 

Index

NAME
LIBRARY
SYNOPSIS
PARAMETERS
DESCRIPTION
RETURN VALUES
ERRORS
FILES
RELATED INFORMATION

This document was created by man2html, using the manual pages.
Time: 02:42:39 GMT, October 02, 2010