Index Index for
Section 3
Index Alphabetical
listing for C
Bottom of page Bottom of
page		 

CSSM_CSP_GetLoginAcl(3)


NAME

  CSSM_CSP_GetLoginAcl - Get description of CSP ACL entries (CDSA)


SYNOPSIS

  # include <cdsa/cssm.h>

       CSSM_RETURN CSSMAPI CSSM_CSP_GetLoginAcl
       (CSSM_CSP_HANDLE CSPHandle,
       const CSSM_STRING *SelectionTag,
       uint32 *NumberOfAclInfos,
       CSSM_ACL_ENTRY_INFO_PTR *AclInfos)


LIBRARY

  Common Security Services Manager library (libcssm.so)


PARAMETERS

  CSPHandle (input)
	  The module handle that identifies the cryptographic service
	  provider to perform this operation.

  SelectionTag (input/optional)
	  A CSSM_STRING value matching the user-defined tag value associated
	  with one or more ACL entries controlling login sessions. To
	  retrieve a description of all ACL entries controlling login
	  sessions, this parameter must be NULL.

  NumberOfAclInfos (output)
	  The number of entries in the AclInfos array. If no ACL entry
	  descriptions are returned, this value is zero.

  AclInfos (output)
	  An array of CSSM_ACL_ENTRY_INFO structures. The unique handle
	  contained in this structure can be used during the current attach
	  session and the current login session to reference specific ACL
	  entries for editing.	The structure is allocated by the service
	  provider and must be released by the caller when the structure is
	  no longer needed. If no ACL entry descriptions are returned, this
	  value is NULL.


DESCRIPTION

  This function returns a description of zero or more ACL entries managed by
  the CSP and used to control login sessions with the CSP. The optional input
  SelectionTag parameter restricts the returned descriptions to those ACL
  entries with a matching EntryTag value. If a SelectionTag value is
  specified and no matches are found, zero descriptions are returned. If no
  SelectionTag is specified, a description of all ACL entries used to control
  login sessions are returned by this function.

  Each AclInfo structure contains:

    ·  Public contents of an ACL entry

    ·  ACL EntryHandle, which is a unique value defined and managed by the
       service provider

  The public ACL entry information returned by this function includes:

    ·  Subject type -- A CSSM_LIST structure containing one element
       identifying the type of subject stored in the ACL entry.

    ·  Delegation flag -- A CSSM_BOOL value indicating whether the subject
       can delegate the permissions recorded in the authorization array.

    ·  Authorization array -- A CSSM_AUTHORIZATIONGROUP structure defining
       the set of operations for which permission is granted to the subject.

    ·  Validity period -- A CSSM_ACL_VALIDITY_PERIOD structure containing two
       elements, the start time and the stop time for which the ACL entry is
       valid.

    ·  ACL entry tag -- A CSSM_STRING containing a user-defined value
       associated with the ACL entry.


RETURN VALUE

  A CSSM_RETURN value indicating success or specifying a particular error
  condition. The value CSSM_OK indicates success. All other values represent
  an error condition.


ERRORS

  Errors are described in the CDSA technical standard.	See CDSA_intro(3).

  None specific to this call.


SEE ALSO

  Books

  Intel CDSA Application Developer's Guide (see CDSA_intro(3))

  Reference Pages

  Functions: CSSM_CSP_Login(3), CSSM_CSP_LoginAcl(3) CSSM_CSP_Logout(3)

Index Index for
Section 3
Index Alphabetical
listing for C
Top of page Top of
page