mojave man page for gss_auth_rules

Mojave Man Pages All Man Pages Latest Topics Forum Categories

Query: gss_auth_rules

OS: mojave

Section: 5

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

gss_auth_rules(5)					Standards, Environments, and Macros					 gss_auth_rules(5)


NAME

       gss_auth_rules - overview of GSS authorization


DESCRIPTION

       The  establishment  of the veracity of a user's credentials requires both authentication (Is this an authentic user?) and authorization (Is
       this authentic user, in fact, authorized?).

       When a user makes use of Generic Security Services (GSS) versions of the ftp or ssh clients to connect to a server, the user is not  neces-
       sarily  authorized, even if his claimed GSS identity is authenticated, Authentication merely establishes that the user is who he says he is
       to the GSS mechanism's authentication system. Authorization is then required: it determines whether the GSS identity is permitted to access
       the specified Solaris user account.

       The GSS authorization rules are as follows:

	 o  If	the mechanism of the connection has a set of authorization rules, then use those rules. For example, if the mechanism is Kerberos,
	    then use the krb5_auth_rules(5), so that authorization is consistent between raw Kerberos applications and GSS/Kerberos applications.

	 o  If the mechanism of the connection does not have a set of authorization rules, then authorization is successful if the  remote  user's
	    gssname matches the local user's gssname exactly, as compared by gss_compare_name(3GSS).


FILES

       /etc/passwd

	   System account file. This information may also be in a directory service. See passwd(4).


ATTRIBUTES

       See attributes(5) for a description of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+


SEE ALSO

       ftp(1), ssh(1), gsscred(1M), gss_compare_name(3GSS), passwd(4), attributes(5), krb5_auth_rules(5)

SunOS 5.10							    13 Apr 2004 						 gss_auth_rules(5)
Related Man Pages
gss_auth_rules(5) - sunos
gss_auth_rules(5) - centos
gss_auth_rules(5) - redhat
gss_auth_rules(5) - php
gss_auth_rules(5) - posix
Similar Topics in the Unix Linux Community
Fwknop and single packet authorization
fwknop 1.9.5 (Default branch)
fwknop 1.9.6 (Default branch)
fwknop 1.9.8 (Default branch)
fwknop 1.9.10 (Default branch)