KRB5_ANAME_TO_LOCALNAME(3) BSD Library Functions Manual KRB5_ANAME_TO_LOCALNAME(3)NAME
krb5_aname_to_localname -- converts a principal to a system local name
LIBRARY
Kerberos 5 Library (libkrb5, -lkrb5)
SYNOPSIS
#include <krb5/krb5.h>
krb5_boolean
krb5_aname_to_localname(krb5_context context, krb5_const_principal name, size_t lnsize, char *lname);
DESCRIPTION
This function takes a principal name, verifies that it is in the local realm (using krb5_get_default_realms()) and then returns the local
name of the principal.
If name isn't in one of the local realms an error is returned.
If the size (lnsize) of the local name (lname) is too small, an error is returned.
krb5_aname_to_localname() should only be use by an application that implements protocols that don't transport the login name and thus needs
to convert a principal to a local name.
Protocols should be designed so that they authenticate using Kerberos, send over the login name and then verify the principal that is authen-
ticated is allowed to login and the login name. A way to check if a user is allowed to login is using the function krb5_kuserok().
SEE ALSO krb5_get_default_realms(3), krb5_kuserok(3)BSD February 18, 2006 BSD
Check Out this Related Man Page
KRB5_SET_DEFAULT_REALM(3) BSD Library Functions Manual KRB5_SET_DEFAULT_REALM(3)NAME
krb5_copy_host_realm, krb5_free_host_realm, krb5_get_default_realm, krb5_get_default_realms, krb5_get_host_realm, krb5_set_default_realm --
default and host realm read and manipulation routines
LIBRARY
Kerberos 5 Library (libkrb5, -lkrb5)
SYNOPSIS
#include <krb5/krb5.h>
krb5_error_code
krb5_copy_host_realm(krb5_context context, const krb5_realm *from, krb5_realm **to);
krb5_error_code
krb5_free_host_realm(krb5_context context, krb5_realm *realmlist);
krb5_error_code
krb5_get_default_realm(krb5_context context, krb5_realm *realm);
krb5_error_code
krb5_get_default_realms(krb5_context context, krb5_realm **realm);
krb5_error_code
krb5_get_host_realm(krb5_context context, const char *host, krb5_realm **realms);
krb5_error_code
krb5_set_default_realm(krb5_context context, const char *realm);
DESCRIPTION
krb5_copy_host_realm() copies the list of realms from from to to. to should be freed by the caller using krb5_free_host_realm.
krb5_free_host_realm() frees all memory allocated by realmlist.
krb5_get_default_realm() returns the first default realm for this host. The realm returned should be freed with free().
krb5_get_default_realms() returns a NULL terminated list of default realms for this context. Realms returned by krb5_get_default_realms()
should be freed with krb5_free_host_realm().
krb5_get_host_realm() returns a NULL terminated list of realms for host by looking up the information in the [domain_realm] in krb5.conf or
in DNS. If the mapping in [domain_realm] results in the string dns_locate, DNS is used to lookup the realm.
When using DNS to a resolve the domain for the host a.b.c, krb5_get_host_realm() looks for a TXT resource record named _kerberos.a.b.c, and
if not found, it strips off the first component and tries a again (_kerberos.b.c) until it reaches the root.
If there is no configuration or DNS information found, krb5_get_host_realm() assumes it can use the domain part of the host to form a realm.
Caller must free realmlist with krb5_free_host_realm().
krb5_set_default_realm() sets the default realm for the context. If NULL is used as a realm, the [libdefaults]default_realm stanza in
krb5.conf is used. If there is no such stanza in the configuration file, the krb5_get_host_realm() function is used to form a default realm.
SEE ALSO free(3), krb5.conf(5)BSD April 24, 2005 BSD