How do you validate user credentials?


Post by Claude Quéze » Thu, 20 Jul 2000 04:00:00



I'm porting a client/server application to Unix from Win32. Most of the
code is standard C++ so there is no challenge. The Win32 code uses the
following calls to validate user credentials:

AcquireCredentialsHandle()
InitializeSecurityContext()
AcceptSecurityContext()

What are the equivalent (similar) UNIX calls or what is the way to
accomplish this on UNIX?

--


anti-spam: replace corba by com in private replies

 
 
 


Post by David Schwart » Thu, 20 Jul 2000 04:00:00



> I'm porting a client/server application to Unix from Win32. Most of the
> code is standard C++ so there is no challenge. The Win32 code uses the
> following calls to validate user credentials:

> AcquireCredentialsHandle()
> InitializeSecurityContext()
> AcceptSecurityContext()

> What are the equivalent (similar) UNIX calls or what is the way to
> accomplish this on UNIX?

        What do you mean by "validate user credentials"? Is this a library
trying to decide who is calling it? Or do you have a username/password
and you want to find out if they are correct?

        DS

 
 
 


Post by Claude Quéze » Fri, 21 Jul 2000 04:00:00



>         What do you mean by "validate user credentials"? Is this a library
> trying to decide who is calling it? Or do you have a username/password
> and you want to find out if they are correct?

>         DS

On Win32, the client initiates authentication with the server by using a
security support provider (Windows NT LAN Manager Security Support Provider
in this case) and calling AcquireCredentialsHandle(). The client then initiates
a series of calls to InitializeSecurityContext() passing and receiving buffers
from the server. On the server side a similar call to
AcquireCredentialsHandle() is followed by a series of calls to
AcceptSecurityContext() receiving and passing buffers to the client. The
client never obtains a username or a password explicitly.

Claude

--


anti-spam: replace corba by com in private replies

 
 
 


Post by Barry Margoli » Fri, 21 Jul 2000 04:00:00





>>         What do you mean by "validate user credentials"? Is this a library
>> trying to decide who is calling it? Or do you have a username/password
>> and you want to find out if they are correct?

>>         DS

>On Win32, the client initiates authentication with the server by using a
>security support provider (Windows NT LAN Manager Security Support Provider
>in this case) and calling AcquireCredentialsHandle(). The client then initiates
>a series of calls to InitializeSecurityContext() passing and receiving buffers
>from the server. On the server side a similar call to
>AcquireCredentialsHandle() is followed by a series of calls to
>AcceptSecurityContext() receiving and passing buffers to the client. The
>client never obtains a username or a password explicitly.

Unix doesn't have a generic security mechanism like this.  Applications
that need to do user authentication provide their own mechanism to get the
username and password from the user, then look them up in /etc/passwd, and
call crypt() on the password to validate it.

It becomes more complicated on systems with shadow password files, since
only the superuser can read the passwords.

--

Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
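
The shadow-file complication described above, as an added example that is not part of the original post: it reports where an account's password hash lives and whether the calling process can read it, which is what a server must settle before any crypt() comparison. The "x" placeholder and the "!"/"*" lock markers follow the common Linux shadow convention and are assumptions, as are all enum and function names.

```c
#include <pwd.h>
#include <shadow.h>
#include <stdio.h>
#include <string.h>

enum field_kind { FIELD_EMPTY, FIELD_LOCKED, FIELD_SHADOWED, FIELD_HASH };
enum hash_source { SRC_NO_USER, SRC_NO_PASSWORD, SRC_LOCKED,
                   SRC_PASSWD, SRC_SHADOW, SRC_SHADOW_UNREADABLE };

/* Classify the password field of a passwd or shadow entry (hypothetical helper). */
static enum field_kind classify_field(const char *f)
{
    if (f == NULL || f[0] == '\0') return FIELD_EMPTY;    /* no password set */
    if (f[0] == '!' || f[0] == '*') return FIELD_LOCKED;  /* matches no crypt() output */
    if (strcmp(f, "x") == 0) return FIELD_SHADOWED;       /* hash moved to the shadow file */
    return FIELD_HASH;               /* stored hash, also the salt argument for crypt() */
}

static enum hash_source from_kind(enum field_kind k, enum hash_source if_hash)
{
    switch (k) {
    case FIELD_EMPTY:  return SRC_NO_PASSWORD;
    case FIELD_LOCKED: return SRC_LOCKED;
    default:           return if_hash;
    }
}

/* Report where the hash for `user` lives and whether this process can read it. */
static enum hash_source locate_hash(const char *user)
{
    struct passwd pw, *res = NULL;
    char buf[4096];

    if (getpwnam_r(user, &pw, buf, sizeof buf, &res) != 0 || res == NULL)
        return SRC_NO_USER;
    enum field_kind k = classify_field(pw.pw_passwd);
    if (k != FIELD_SHADOWED)
        return from_kind(k, SRC_PASSWD);

    /* Shadowed: getspnam() only succeeds for a process allowed to read the
       shadow file, which in practice means the superuser. */
    struct spwd *sp = getspnam(user);
    if (sp == NULL)
        return SRC_SHADOW_UNREADABLE;
    return from_kind(classify_field(sp->sp_pwdp), SRC_SHADOW);
}

int main(void) { printf("root -> %d\n", locate_hash("root")); return 0; }
```
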

 
 
 


Post by David Schwart » Fri, 21 Jul 2000 04:00:00



> On Win32, the client initiates authentication with the server by using a
> security support provider (Windows NT LAN Manager Security Support Provider
> in this case) and calling AcquireCredentialsHandle(). The client then initiates
> a series of calls to InitializeSecurityContext() passing and receiving buffers
> from the server. On the server side a similar call to
> AcquireCredentialsHandle() is followed by a series of calls to
> AcceptSecurityContext() receiving and passing buffers to the client. The
> client never obtains a username or a password explicitly.

        So that means that you have a network connection between two machines
(call them the client and the server), and the server is trying to
determine whether the client has access to some sort of account on the
server machine?

        This breaks down into two cases:

        1) The account is a real system account, an entry in /etc/passwd, and
can own files on the server machine.

        2) The account is virtual in some way and has meaning to user code in
the server but no special meaning to the operating system.

        If you are dealing with case 1, take a look at other programs that need
to do the exact same thing. Things like 'login' and 'ftpd'. Alternately,
rig it so that the server code itself is invoked with that user's
privileges, for example using 'ssh' as a launcher. Your process can then
just call 'getuid()' to find out what user's privileges it has.

        If you are dealing with case 2 (which should be more common), you can
do it any way that you want. You can exchange credential information
however you find most appropriate.

        DS
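
The launcher approach from case 1 above, as an added example that is not part of the original post: a server started under the user's own uid (for instance through ssh) reads its identity back with getuid() instead of handling a password. The function and enum names are hypothetical, and refusing to answer when real and effective ids differ is a design choice of this example.

```c
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

enum ident_status { IDENT_OK, IDENT_PRIV_MISMATCH,
                    IDENT_NO_ACCOUNT, IDENT_NAME_TOO_LONG };

/* Identify the account this process was launched as. The launcher has
   already authenticated the user and switched to that uid, so the server
   only has to read the result back. */
static enum ident_status caller_identity(uid_t *uid, char *name, size_t len)
{
    uid_t ruid = getuid();

    /* A set-uid or set-gid binary runs with effective ids that differ from
       the real ones, so "whose privileges do I have" has two answers.
       Refuse instead of picking one. */
    if (geteuid() != ruid || getegid() != getgid())
        return IDENT_PRIV_MISMATCH;

    struct passwd pw, *res = NULL;
    char buf[4096];
    if (getpwuid_r(ruid, &pw, buf, sizeof buf, &res) != 0 || res == NULL)
        return IDENT_NO_ACCOUNT;        /* uid has no passwd entry */

    size_t n = strlen(pw.pw_name);
    if (n >= len)
        return IDENT_NAME_TOO_LONG;     /* never truncate an account name */
    memcpy(name, pw.pw_name, n + 1);
    *uid = ruid;
    return IDENT_OK;
}

int main(void)
{
    uid_t uid;
    char name[256];
    enum ident_status s = caller_identity(&uid, name, sizeof name);

    if (s == IDENT_OK)
        printf("serving as %s (uid %lu)\n", name, (unsigned long)uid);
    else
        printf("identity not established (status %d)\n", (int)s);
    return s == IDENT_OK ? 0 : 1;
}
```
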

 
 
 

1. Validating unix login from DOS ?

Hi everybody, please excuse me if this question is basic knowledge or in
the FAQ:

I am writing a BBS program for my school, in DOS using Borland Pascal 7.0.

I would like to grant users access via the UNIX login and Passwd, I know
our MAIL program does that from DOS.  Does anyone know any tips?

I don't want to shell out and let a terminal program do the identification,
since it is much too slow.

The system in question is:

Digital DEC51 running DECNET under Ultrix.

Any information would be highly appreciated.

Yours
Nicolai
--


                               Fidonet:  2:231/91.36
Snail-Mail: Box 27A, 5550 Langeskov
            Denmark                     Phone: (+45) 6538 3413
