Home Man
Search
Today's Posts
Register

Linux & Unix Commands - Search Man Pages

OpenSolaris 2009.06 - man page for gss_auth_rules (opensolaris section 5)

gss_auth_rules(5)	       Standards, Environments, and Macros		gss_auth_rules(5)

NAME
       gss_auth_rules - overview of GSS authorization

DESCRIPTION
       The establishment of the veracity of a user's credentials requires both authentication (Is
       this an authentic user?) and authorization (Is this authentic user, in fact, authorized?).

       When a user makes use of Generic Security Services  (GSS)  versions  of	the  ftp  or  ssh
       clients	to  connect  to  a  server,  the  user is not necessarily authorized, even if his
       claimed GSS identity is authenticated, Authentication merely establishes that the user  is
       who  he	says  he  is  to the GSS mechanism's authentication system. Authorization is then
       required: it determines whether the GSS identity is  permitted  to  access  the	specified
       Solaris user account.

       The GSS authorization rules are as follows:

	   o	  If  the  mechanism of the connection has a set of authorization rules, then use
		  those  rules.  For  example,	if  the  mechanism  is	Kerberos,  then  use  the
		  krb5_auth_rules(5),  so  that  authorization is consistent between raw Kerberos
		  applications and GSS/Kerberos applications.

	   o	  If the mechanism of the connection does not have a set of authorization  rules,
		  then authorization is successful if the remote user's gssname matches the local
		  user's gssname exactly, as compared by gss_compare_name(3GSS).

FILES
       /etc/passwd    System account file. This information may also be in a  directory  service.
		      See passwd(4).

ATTRIBUTES
       See attributes(5) for a description of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO
       ftp(1),	  ssh(1),    gsscred(1M),   gss_compare_name(3GSS),   passwd(4),   attributes(5),
       krb5_auth_rules(5)

SunOS 5.11				   13 Apr 2004				gss_auth_rules(5)


All times are GMT -4. The time now is 01:42 AM.

Unix & Linux Forums Content Copyrightę1993-2018. All Rights Reserved.
UNIX.COM Login
Username:
Password:  
Show Password