|Initialize and start the identity provider. |
|Stop the identity provider. |
|Check if an identity name is valid. |
|Check if an identity is valid. |
|Canonicalize identity name. |
|Compare names. |
|Set the default identity. |
|Set an identity as searchable. |
|Get information about an identity. |
|Enumerate known and accessible identities. |
|Update information about an identity. |
|Retrieve the user interface callback function. |
|Notification of the creation of an identity. |
|#define KMSG_IDENT_CANON_NAME 5|
Canonicalize identity name.
The identity provider will be given a name, which it should put in canonical form, adjusting case and any character replacement or doing any relevant expansions if applicable, and place it in the supplied buffer.
If the name cannot be canonicalized for some reason, the destination buffer should be set to a zero-length string and the result member of the kcdb_ident_name_xfer structure should be set to the error code. If the destination buffer is set to a zero-length string and result is KHM_ERROR_SUCCESS, then the original name provided in name_src is assumed to be already in canonical form.
|#define KMSG_IDENT_COMPARE_NAME 6|
Compare two identity names. The names that are given aren't guaranteed to be in canonical form. The return value should be akin to strcmp().
|#define KMSG_IDENT_EXIT 2|
Stop the identity provider.
Sent by the KCDB as notificaton that the identity provider is no longer the current provider.
|#define KMSG_IDENT_GET_UI_CALLBACK 12|
Retrieve the user interface callback function.
When obtaining new credentials, the user interface needs to obtain a callback function which will provide identity selection controls.
|#define KMSG_IDENT_INIT 1|
Initialize and start the identity provider.
Sent by the KCDB to notify the identity provider that it is now the current identity provider.
Note that unlike regular plugins, an identity provider can be loaded and inert (not provide any services). Also, the user may switch between multiple identity providers on the fly.
|#define KMSG_IDENT_NOTIFY_CREATE 13|
Notification of the creation of an identity.
This should be considered just a notification. The identit provider does not have an opportunity to veto the creation of an identity whose name has been found to be valid. However, when handing this notification, the identity provider can:
Note that this notification is sent before the general :;KMSG_KCDB notification of the identity creation is sent.
vparam: handle to the identity
|#define KMSG_IDENT_SET_DEFAULT 7|
Set the default identity.
Set or unset the default identity. To set the default identity, the uparam parameter will be set to a non-zero value and a handle to the identity will be specified in vparam. To unset the default identity (i.e. not have a default identity), a zero value will be specified in uparam and no identities will be specified in vparam.
When setting a default identity, the identity provider will receive this message prior to the KCDB_IDENT_FLAG_DEFAULT bit being set or reset on any identity. It should return KHM_ERROR_SUCCESS if the requested operation can be performed. Returning any other value will abort the operation and will leave the default identity unchanged.
When resetting the default identity, this message should be treated only as a notification.
|#define KMSG_IDENT_SET_SEARCHABLE 8|
Set an identity as searchable.
Set or reset the searchable bit on an identity. If the uparam parameter is non-zero, then the searchable bit is being set. Otherwise it is being reset. The identity provider should return KHM_ERROR_SUCCESS in order to indicate that the identity should be marked as searchable. Any other value will result in the searchable bit being reset on the identity.
|#define KMSG_IDENT_VALIDATE_IDENTITY 4|
Check if an identity is valid.
Sent to the identity provider to verify the validity of the given identity. The provider should verify that the identity exists and is in a state where it can be actively used.
Depending on the result of the validation, the flags of the identity should be updated.
|#define KMSG_IDENT_VALIDATE_NAME 3|
Check if an identity name is valid.
This message is sent to the identity provider to verify the syntax of an identity name. Note that only the syntax of the name is to be verfied and not the actual physical existence of said identity.
Generated on Fri Aug 3 08:27:13 2007 for Network Identity Manager by Doxygen 1.5.2
© 2004-2007 Massachusetts Institute of Technology.
© 2005-2007 Secure Endpoints Inc.