#include <XrdSecsssID.hh>
| ~XrdSecsssID () |
int | Find (const char *lid, char *&dP, const char *myIP, int dataOpts=0) |
◆ authType
Create a single instance of this class. Once created it cannot be deleted.
- Parameters
-
aType | - The type of authentication to perform (see authType enum). |
Ident | - Pointer to the default entity to use. If nil, a generic entity is created based on the process uid and gid. |
Tracker | - Pointer to the connection tracker object if connection tracking is desired. If nil, connections are not tracked. |
isOK | - If not nil, sets the variable to true if successful and false otherwise. Strongly recommended it be supplied. |
- Note
- Mutual authentication requires that the server send an encrypted message proving that it holds the key before an identity is sent. For idDynamic this is the default and the message must be the login which must correspond to the key used to register the entity. This works well when keys are no more than 8 characters and consist only of letters and digits. The idMapped types provide greater freedom by using whatever userid was specified on the URL performing the login as the lookup key (i.e. the returned loginid is not used).
Enumerator | Description |
---|---|
idDynamic | Mutual: Map loginid to registered identity. Ident is default; if 0, nobody/nogroup. |
idMapped | 1Sided: Map loginid to registered identity. Ident is default; if 0, nobody/nogroup. |
idMappedM | Mutual: Map loginid to registered identity. Ident is default; if 0, process uid/gid. |
idStatic | 1Sided: Fixed identity sent to the server. Ident as specified; if 0, process uid/gid. Default if XrdSecsssID not instantiated! |
idStaticM | Mutual: Fixed identity sent to the server. Ident as specified; if 0, process uid/gid. |
◆ XrdSecsssID()
◆ ~XrdSecsssID()
XrdSecsssID::~XrdSecsssID ()
private
◆ Find()
int XrdSecsssID::Find (const char *lid, char *&dP, const char *myIP, int dataOpts = 0)
private
Find and return an ID mapping.
- Parameters
-
lid | - Pointer to the login ID to search for. |
dP | - Reference to a pointer where the serialized ID is returned. The caller is responsible for freeing the storage. |
myIP | - Pointer to IP address of client. |
dataOpts | - Options to pass to the XrdSecsssEnt data extractor. See XrdSecsssEnt::rr_Data for details. |
- Returns
- The length of the structure pointed to by dP; zero if not found.
◆ genID()
◆ getObj()
Get initial parameters for sss ID mapping.
- Parameters
-
aType | - The authentication type used by this object. |
idP | - Reference to a pointer where the default ID is returned. |
- Returns
- A pointer to this object if it was instantiated, otherwise nil.
◆ Register()
bool XrdSecsssID::Register (const char *lgnid, const XrdSecEntity *Ident, bool doReplace = false, bool defer = false)
Create or delete a mapping from a loginid to an entity description.
- Parameters
-
lgnid | - Pointer to the login ID. |
Ident | - Pointer to the entity object to be registered. If the pointer is nil, then the mapping is deleted. |
doReplace | - When true, any existing mapping is replaced. |
defer | - When true, the entity object is recorded but serialization is deferred until the object is needed. The entity object must remain valid until the mapping is deleted. The entity may not be modified during this period. |
- Returns
- true - Mapping registered.
- false - Mapping not registered because this object was not created as idDynamic, idMapped, or idMappedM; or the mapping exists and doReplace is false.
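A pre-registration guard for the rules documented above, as an added example that is not part of the XRootD sources: it rejects login IDs that do not fit the idDynamic key guidance from the authType note and surfaces a false return from Register(). `AuthType`, `RegResult`, `acceptsMappings`, `fitsDynamicKey` and `guardedRegister` are hypothetical names, the enum is a local stand-in for XrdSecsssID::authType, and treating the 8-character letters-and-digits guidance as a hard rule is an assumption of this example.

```cpp
#include <functional>
#include <string>

// Local stand-in for XrdSecsssID::authType (same enumerator names as documented above).
enum class AuthType { idDynamic, idMapped, idMappedM, idStatic, idStaticM };

enum class RegResult { Registered, BadLoginId, WrongAuthType, Rejected };

// Register() is documented to return false unless the object was created
// as idDynamic, idMapped or idMappedM.
bool acceptsMappings(AuthType t) {
    return t == AuthType::idDynamic || t == AuthType::idMapped ||
           t == AuthType::idMappedM;
}

// idDynamic key guidance from the note: 1 to 8 characters, ASCII letters and
// digits only. Enforcing it as a hard rule is this example's assumption.
bool fitsDynamicKey(const std::string &lid) {
    if (lid.empty() || lid.size() > 8) return false;
    for (char c : lid) {
        bool alnum = (c >= '0' && c <= '9') || (c >= 'A' && c <= 'Z') ||
                     (c >= 'a' && c <= 'z');
        if (!alnum) return false;
    }
    return true;
}

// Hypothetical guard: validate first, then call the supplied registration
// function. In real code doRegister would forward to XrdSecsssID::Register
// with the entity to map; here it is a callable so the block runs stand-alone.
RegResult guardedRegister(AuthType t, const std::string &lid,
                          const std::function<bool(const char *)> &doRegister) {
    if (!acceptsMappings(t)) return RegResult::WrongAuthType;
    if (lid.empty()) return RegResult::BadLoginId;
    // Only idDynamic ties the login ID to the key; the idMapped types use the
    // userid from the URL as the lookup key, so the length rule is not applied.
    if (t == AuthType::idDynamic && !fitsDynamicKey(lid))
        return RegResult::BadLoginId;
    // A false return means no mapping was registered; never ignore it.
    return doRegister(lid.c_str()) ? RegResult::Registered : RegResult::Rejected;
}
```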
◆ XrdSecProtocolsss
◆ defaultID
◆ isStatic
bool XrdSecsssID::isStatic
private
◆ myAuth
◆ trackOK
bool XrdSecsssID::trackOK
private
The documentation for this class was generated from the following file: