tag_kcdb_cred_request Struct Reference
[Credentials]

#include <kcreddb.h>

Detailed Description

Generic credentials request.

This data structure is used as the format for a generic credentials reqeust for a KMSG_KCDB_REQUEST message. A plugin typically publishes this message so that a credentials provider may handle it and in response, obtain the specified credential.

While the identity, type and name members of the structure are all optional, typically one would specify all three or at least two for a credential provider to be able to provide the credential unambigously.

Credential providers do not need to respond to KMSG_KCDB_REQUEST messages. However, if they do, they should make sure that they are the only credential provider that is responding by setting the semaphore member to a non-zero value. The semaphore is set to zero when a request is initially sent out. When incrementing the semaphore, the plugin should use a thread safe mechanism to ensure that there are no race conditions that would allow more than one provider to respond to the message.


Data Fields

khm_handle identity
khm_int32 type
wchar_t * name
khm_handle dest_credset
void * vparam
long semaphore

Field Documentation

khm_handle tag_kcdb_cred_request::identity

Identity of the credential. Set to NULL if not specified.

khm_int32 tag_kcdb_cred_request::type

Type of the credential. Set to KCDB_CREDTYPE_INVALID if not specified.

wchar_t* tag_kcdb_cred_request::name

Name of the credential. Set to NULL if not specified.

khm_handle tag_kcdb_cred_request::dest_credset

If non-NULL, instructs whoever is handling the request that the credential thus obtained be placed in this credential set in addition to whereever it may place newly acquired credentials. Note that while this can be NULL if the new credential does not need to be placed in a credential set, it can not equal the root credential set.

void* tag_kcdb_cred_request::vparam

An unspecified parameter. Specific credential types may specify how this field is to be used.

long tag_kcdb_cred_request::semaphore

Incremented by one when this request is answered. Only one credential provider is allowed to answer a KMSG_KCDB_REQUEST message. Initially, when the message is sent out, this member should be set to zero.

The documentation for this struct was generated from the following file:
Generated on Fri Aug 3 08:27:15 2007 for Network Identity Manager by Doxygen 1.5.2
© 2004-2007 Massachusetts Institute of Technology.
© 2005-2007 Secure Endpoints Inc.
Contact khimaira@mit.edu