CSSM_CSP_GetLoginAcl(3)CSSM_CSP_GetLoginAcl(3)NAMECSSM_CSP_GetLoginAcl - Get description of CSP ACL entries (CDSA)
SYNOPSIS
# include <cdsa/cssm.h>
CSSM_RETURN CSSMAPI CSSM_CSP_GetLoginAcl (CSSM_CSP_HANDLE CSPHandle,
const CSSM_STRING *SelectionTag, uint32 *NumberOfAclInfos,
CSSM_ACL_ENTRY_INFO_PTR *AclInfos)
LIBRARY
Common Security Services Manager library (libcssm.so)
PARAMETERS
The module handle that identifies the cryptographic service provider to
perform this operation. A CSSM_STRING value matching the user-defined
tag value associated with one or more ACL entries controlling login
sessions. To retrieve a description of all ACL entries controlling
login sessions, this parameter must be NULL. The number of entries in
the AclInfos array. If no ACL entry descriptions are returned, this
value is zero. An array of CSSM_ACL_ENTRY_INFO structures. The unique
handle contained in this structure can be used during the current
attach session and the current login session to reference specific ACL
entries for editing. The structure is allocated by the service
provider and must be released by the caller when the structure is no
longer needed. If no ACL entry descriptions are returned, this value is
NULL.
DESCRIPTION
This function returns a description of zero or more ACL entries managed
by the CSP and used to control login sessions with the CSP. The
optional input SelectionTag parameter restricts the returned descrip‐
tions to those ACL entries with a matching EntryTag value. If a Selec‐
tionTag value is specified and no matches are found, zero descriptions
are returned. If no SelectionTag is specified, a description of all ACL
entries used to control login sessions are returned by this function.
Each AclInfo structure contains: Public contents of an ACL entry ACL
EntryHandle, which is a unique value defined and managed by the service
provider
The public ACL entry information returned by this function includes:
Subject type -- A CSSM_LIST structure containing one element identify‐
ing the type of subject stored in the ACL entry. Delegation flag -- A
CSSM_BOOL value indicating whether the subject can delegate the permis‐
sions recorded in the authorization array. Authorization array -- A
CSSM_AUTHORIZATIONGROUP structure defining the set of operations for
which permission is granted to the subject. Validity period -- A
CSSM_ACL_VALIDITY_PERIOD structure containing two elements, the start
time and the stop time for which the ACL entry is valid. ACL entry tag
-- A CSSM_STRING containing a user-defined value associated with the
ACL entry.
RETURN VALUE
A CSSM_RETURN value indicating success or specifying a particular error
condition. The value CSSM_OK indicates success. All other values repre‐
sent an error condition.
ERRORS
Errors are described in the CDSA technical standard. See
CDSA_intro(3).
None specific to this call.
SEE ALSO
Books
Intel CDSA Application Developer's Guide (see CDSA_intro(3))
Reference Pages
Functions: CSSM_CSP_Login(3), CSSM_CSP_LoginAcl(3)CSSM_CSP_Logout(3)CSSM_CSP_GetLoginAcl(3)