cc_context_f Struct Reference

Detailed Description

Function pointer table for cc_context_t. For more information see cc_context_t Overview.

Data Fields

Field Documentation

cc_int32(* release)(cc_context_t io_context)
 

cc_context_release(): Release memory associated with a cc_context_t.

Parameters:
io_context the context object to free.
Returns:
On success, ccNoError. On failure, an error code representing the failure.

cc_int32(* get_change_time)(cc_context_t in_context, cc_time_t *out_time)
 

cc_context_get_change_time(): Get the last time the cache collection changed.

Parameters:
in_context the context object for the cache collection to examine.
out_time on exit, the time of the most recent change for the entire ccache collection.
Returns:
On success, ccNoError. On failure, an error code representing the failure.
This function returns the time of the most recent change for the entire ccache collection. By maintaining a local copy the caller can deduce whether or not the ccache collection has been modified since the previous call to cc_context_get_change_time().

The time returned by cc_context_get_changed_time() increases whenever:

  • a ccache is created
  • a ccache is destroyed
  • a credential is stored
  • a credential is removed
  • a ccache principal is changed
  • the default ccache is changed
Note:
In order to be able to compare two values returned by cc_context_get_change_time(), the caller must use the same context to acquire them. Callers should maintain a single context in memory for cc_context_get_change_time() calls rather than creating a new context for every call.
See also:
wait_for_change

cc_int32(* get_default_ccache_name)(cc_context_t in_context, cc_string_t *out_name)
 

cc_context_get_default_ccache_name(): Get the name of the default ccache.

Parameters:
in_context the context object for the cache collection.
out_name on exit, the name of the default ccache.
Returns:
On success, ccNoError. On failure, an error code representing the failure.
This function returns the name of the default ccache. When the default ccache exists, its name is returned. If there are no ccaches in the collection, and thus there is no default ccache, the name that the default ccache should have is returned. The ccache with that name will be used as the default ccache by all processes which initialized Kerberos libraries before the ccache was created.

If there is no default ccache, and the client is creating a new ccache, it should be created with the default name. If there already is a default ccache, and the client wants to create a new ccache (as opposed to reusing an existing ccache), it should be created with any unique name; create_new_ccache() can be used to accomplish that more easily.

If the first ccache is created with a name other than the default name, then the processes already running will not notice the credentials stored in the new ccache, which is normally undesirable.

cc_int32(* open_ccache)(cc_context_t in_context, const char *in_name, cc_ccache_t *out_ccache)
 

cc_context_open_ccache(): Open a ccache.

Parameters:
in_context the context object for the cache collection.
in_name the name of the ccache to open.
out_ccache on exit, a ccache object for the ccache
Returns:
On success, ccNoError. If no ccache named in_name exists, ccErrCCacheNotFound. On failure, an error code representing the failure.
Opens an already existing ccache identified by its name. It returns a reference to the ccache in out_ccache.

The list of all ccache names, principals, and credentials versions may be retrieved by calling cc_context_new_cache_iterator(), cc_ccache_get_name(), cc_ccache_get_principal(), and cc_ccache_get_cred_version().

cc_int32(* open_default_ccache)(cc_context_t in_context, cc_ccache_t *out_ccache)
 

cc_context_open_default_ccache(): Open the default ccache.

Parameters:
in_context the context object for the cache collection.
out_ccache on exit, a ccache object for the default ccache
Returns:
On success, ccNoError. If no default ccache exists, ccErrCCacheNotFound. On failure, an error code representing the failure.
Opens the default ccache. It returns a reference to the ccache in *ccache.

This function performs the same function as calling cc_context_get_default_ccache_name followed by cc_context_open_ccache, but it performs it atomically.

cc_int32(* create_ccache)(cc_context_t in_context, const char *in_name, cc_uint32 in_cred_vers, const char *in_principal, cc_ccache_t *out_ccache)
 

cc_context_create_ccache(): Create a new ccache.

Parameters:
in_context the context object for the cache collection.
in_name the name of the new ccache to create
in_cred_vers the version of the credentials the new ccache will hold
in_principal the client principal of the credentials the new ccache will hold
out_ccache on exit, a ccache object for the newly created ccache
Returns:
On success, ccNoError. On failure, an error code representing the failure.
Create a new credentials cache. The ccache is uniquely identified by its name. The principal given is also associated with the ccache and the credentials version specified. A NULL name is not allowed (and ccErrBadName is returned if one is passed in). Only cc_credentials_v4 and cc_credentials_v5 are valid input values for cred_vers. If you want to create a new ccache that will hold both versions of credentials, call cc_context_create_ccache() with one version, and then cc_ccache_set_principal() with the other version.

If you want to create a new ccache (with a unique name), you should use cc_context_create_new_ccache() instead. If you want to create or reinitialize the default cache, you should use cc_context_create_default_ccache().

If name is non-NULL and there is already a ccache named name:

  • the credentials in the ccache whose version is cred_vers are removed
  • the principal (of the existing ccache) associated with cred_vers is set to principal
  • a handle for the existing ccache is returned and all existing handles for the ccache remain valid
If no ccache named name already exists:

  • a new empty ccache is created
  • the principal of the new ccache associated with cred_vers is set to principal
  • a handle for the new ccache is returned
For a new ccache, the name should be any unique string. The name is not intended to be presented to users.

If the created ccache is the first ccache in the collection, it is made the default ccache. Note that normally it is undesirable to create the first ccache with a name different from the default ccache name (as returned by cc_context_get_default_ccache_name()); see the description of cc_context_get_default_ccache_name() for details.

The principal should be a C string containing an unparsed Kerberos principal in the format of the appropriate Kerberos version, i.e.

foo.bar/@BAZ 
      *
for Kerberos v4 and
foo/bar/@BAZ
for Kerberos v5.

cc_int32(* create_default_ccache)(cc_context_t in_context, cc_uint32 in_cred_vers, const char *in_principal, cc_ccache_t *out_ccache)
 

cc_context_create_default_ccache(): Create a new default ccache.

Parameters:
in_context the context object for the cache collection.
in_cred_vers the version of the credentials the new default ccache will hold
in_principal the client principal of the credentials the new default ccache will hold
out_ccache on exit, a ccache object for the newly created default ccache
Returns:
On success, ccNoError. On failure, an error code representing the failure.
Create the default credentials cache. The behavior of this function is similar to that of cc_create_ccache(). If there is a default ccache (which is always the case except when there are no ccaches at all in the collection), it is initialized with the specified credentials version and principal, as per cc_create_ccache(); otherwise, a new ccache is created, and its name is the name returned by cc_context_get_default_ccache_name().

cc_int32(* create_new_ccache)(cc_context_t in_context, cc_uint32 in_cred_vers, const char *in_principal, cc_ccache_t *out_ccache)
 

cc_context_create_new_ccache(): Create a new uniquely named ccache.

Parameters:
in_context the context object for the cache collection.
in_cred_vers the version of the credentials the new ccache will hold
in_principal the client principal of the credentials the new ccache will hold
out_ccache on exit, a ccache object for the newly created ccache
Returns:
On success, ccNoError. On failure, an error code representing the failure.
Create a new unique credentials cache. The behavior of this function is similar to that of cc_create_ccache(). If there are no ccaches, and therefore no default ccache, the new ccache is created with the default ccache name as would be returned by get_default_ccache_name(). If there are some ccaches, and therefore there is a default ccache, the new ccache is created with a new unique name. Clearly, this function never reinitializes a ccache, since it always uses a unique name.

cc_int32(* new_ccache_iterator)(cc_context_t in_context, cc_ccache_iterator_t *out_iterator)
 

cc_context_new_ccache_iterator(): Get an iterator for the cache collection.

Parameters:
in_context the context object for the cache collection.
out_iterator on exit, a ccache iterator object for the ccache collection.
Returns:
On success, ccNoError. On failure, an error code representing the failure.
Used to allocate memory and initialize iterator. Successive calls to iterator's next() function will return ccaches in the collection.

If changes are made to the collection while an iterator is being used on it, the iterator must return at least the intersection, and at most the union, of the set of ccaches that were present when the iteration began and the set of ccaches that are present when it ends.

cc_int32(* lock)(cc_context_t in_context, cc_uint32 in_lock_type, cc_uint32 in_block)
 

cc_context_lock(): Lock the cache collection.

Parameters:
in_context the context object for the cache collection.
in_lock_type the type of lock to obtain.
in_block whether or not the function should block if the lock cannot be obtained immediately.
Returns:
On success, ccNoError. On failure, an error code representing the failure.
Attempts to acquire an advisory lock for the ccache collection. Allowed values for lock_type are:

  • cc_lock_read: a read lock.
  • cc_lock_write: a write lock
  • cc_lock_upgrade: upgrade an already-obtained read lock to a write lock
  • cc_lock_downgrade: downgrade an already-obtained write lock to a read lock
If block is cc_lock_block, lock() will not return until the lock is acquired. If block is cc_lock_noblock, lock() will return immediately, either acquiring the lock and returning ccNoError, or failing to acquire the lock and returning an error explaining why.

Locks apply only to the list of ccaches, not the contents of those ccaches. To prevent callers participating in the advisory locking from changing the credentials in a cache you must also lock that ccache with cc_ccache_lock(). This is so that you can get the list of ccaches without preventing applications from simultaneously obtaining service tickets.

To avoid having to deal with differences between thread semantics on different platforms, locks are granted per context, rather than per thread or per process. That means that different threads of execution have to acquire separate contexts in order to be able to synchronize with each other.

The lock should be unlocked by using cc_context_unlock().

Note:
All locks are advisory. For example, callers which do not call cc_context_lock() and cc_context_unlock() will not be prevented from writing to the cache collection when you have a read lock. This is because the CCAPI locking was added after the first release and thus adding mandatory locks would have changed the user experience and performance of existing applications.

cc_int32(* unlock)(cc_context_t in_cc_context)
 

cc_context_unlock(): Unlock the cache collection.

Parameters:
in_context the context object for the cache collection.
Returns:
On success, ccNoError. On failure, an error code representing the failure.

cc_int32(* compare)(cc_context_t in_cc_context, cc_context_t in_compare_to_context, cc_uint32 *out_equal)
 

cc_context_compare(): Compare two context objects.

Parameters:
in_context a context object.
in_compare_to_context a context object to compare with in_context.
out_equal on exit, whether or not the two contexts refer to the same cache collection.
Returns:
On success, ccNoError. On failure, an error code representing the failure.

cc_int32(* wait_for_change)(cc_context_t in_cc_context)
 

cc_context_wait_for_change(): Wait for the next change in the cache collection.

Parameters:
in_context a context object.
Returns:
On success, ccNoError. On failure, an error code representing the failure.
This function blocks until the next change is made to the cache collection ccache collection. By repeatedly calling cc_context_wait_for_change() from a worker thread the caller can effectively receive callbacks whenever the cache collection changes. This is considerably more efficient than polling with cc_context_get_change_time().

cc_context_wait_for_change() will return whenever:

  • a ccache is created
  • a ccache is destroyed
  • a credential is stored
  • a credential is removed
  • a ccache principal is changed
  • the default ccache is changed
Note:
In order to make sure that the caller doesn't miss any changes, cc_context_wait_for_change() always returns immediately after the first time it is called on a new context object. Callers must use the same context object for successive calls to cc_context_wait_for_change() rather than creating a new context for every call.
See also:
get_change_time

Generated on Tue Oct 2 17:16:05 2007 for Credentials Cache API by  doxygen 1.4.6