Diffusion C API  6.7.4
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
Management of the system authentication store.

Functions

SYSTEM_AUTHENTICATION_STORE_Tsystem_authentication_store_create (void)
 Create a new, empty system authentication store structure. More...
 
SYSTEM_AUTHENTICATION_STORE_Tsystem_authentication_store_dup (const SYSTEM_AUTHENTICATION_STORE_T *store)
 Copy an existing system authentication store structure. More...
 
SYSTEM_PRINCIPAL_Tsystem_principal_dup (const SYSTEM_PRINCIPAL_T *system_principal)
 Copy an existing system principal structure. More...
 
void get_system_authentication_store (SESSION_T *session, const GET_SYSTEM_AUTHENTICATION_STORE_PARAMS_T params)
 Get the server's system authentication store. More...
 
char ** get_principal_names (const SYSTEM_AUTHENTICATION_STORE_T store)
 Get an array of principals defined in the system authentication store. More...
 
char ** get_roles_for_principal (const SYSTEM_AUTHENTICATION_STORE_T store, const char *principal)
 Get an array of role names for a given principal. More...
 
char ** get_anonymous_roles (const SYSTEM_AUTHENTICATION_STORE_T store)
 Get an array of role names for anonymous connections. More...
 
void update_system_authentication_store (SESSION_T *session, const UPDATE_SYSTEM_AUTHENTICATION_STORE_PARAMS_T params)
 Send updates to the system authentication store. More...
 
SCRIPT_Tupdate_auth_store_deny_anonymous_connections (SCRIPT_T *script)
 Updates a script to add a command to deny anonymous connections. More...
 
SCRIPT_Tupdate_auth_store_abstain_anonymous_connections (SCRIPT_T *script)
 Updates a script to add a command to abstain from decisions relating to anonymous connections. More...
 
SCRIPT_Tupdate_auth_store_allow_anonymous_connections (SCRIPT_T *script, const LIST_T *roles)
 Updates a script to add a command to allow anonymous connections, and a list of roles those connections should have. More...
 
SCRIPT_Tupdate_auth_store_add_principal (SCRIPT_T *script, const char *principal, const char *password, const LIST_T *roles)
 Updates a script to add a command to add a new principal to the authentication store, and a list of roles assigned to them. More...
 
SCRIPT_Tupdate_auth_store_add_locked_principal (SCRIPT_T *script, const char *principal, const char *password, const LIST_T *roles, const char *locking_principal)
 Updates a script to add a command to add a new locked principal to the authentication store. More...
 
SCRIPT_Tupdate_auth_store_remove_principal (SCRIPT_T *script, const char *principal)
 Updates a script to add a command to remove an existing principal from the authentication store. More...
 
SCRIPT_Tupdate_auth_store_assign_roles (SCRIPT_T *script, const char *principal, const LIST_T *roles)
 Updates a script to assign roles to an existing principal. More...
 
SCRIPT_Tupdate_auth_store_set_password (SCRIPT_T *script, const char *principal, const char *password)
 Updates a script to change the password for an existing principal. More...
 
SCRIPT_Tupdate_auth_store_verify_password (SCRIPT_T *script, const char *principal, const char *password)
 Updates a script to include a command to verify a principal's password. More...
 
SCRIPT_Tupdate_auth_store_trust_client_proposed_property_in (SCRIPT_T *script, const char *property_name, const SET_T *allowed_values)
 Updates a script to specify a client proposed session property and its allowed values. More...
 
SCRIPT_Tupdate_auth_store_trust_client_proposed_property_matches (SCRIPT_T *script, const char *property_name, const char *regular_expression)
 Updates a script to specify a client proposed session property and a regular expression to validate its value. More...
 
SCRIPT_Tupdate_auth_store_ignore_client_proposed_property (SCRIPT_T *script, const char *property_name)
 Updates a script to specify that a client proposed session property should be ignored. More...
 

Detailed Description

Function Documentation

char** get_anonymous_roles ( const SYSTEM_AUTHENTICATION_STORE_T  store)

Get an array of role names for anonymous connections.

Parameters
storeA system authentication store.
Returns
A NULL-terminated array of strings.
char** get_principal_names ( const SYSTEM_AUTHENTICATION_STORE_T  store)

Get an array of principals defined in the system authentication store.

Parameters
storeA system authentication store.
Returns
A NULL-terminated array of strings.
char** get_roles_for_principal ( const SYSTEM_AUTHENTICATION_STORE_T  store,
const char *  principal 
)

Get an array of role names for a given principal.

Parameters
storeA system authentication store.
principalThe principal for which roles are requested.
Returns
A NULL-terminated array of strings.
void get_system_authentication_store ( SESSION_T session,
const GET_SYSTEM_AUTHENTICATION_STORE_PARAMS_T  params 
)

Get the server's system authentication store.

Parameters
sessionThe current session. If NULL, this function returns immediately.
paramsParameter structure containing callbacks to receive the contents of the system authentication store.
SYSTEM_AUTHENTICATION_STORE_T* system_authentication_store_create ( void  )

Create a new, empty system authentication store structure.

The returned structure is unsynchronized, so appropriate mutexes should be use if the structure is to be used concurrently.

This should be freed wth system_authentication_store_free when no longer needed.

Returns
A newly allocated system authentication store.
SYSTEM_AUTHENTICATION_STORE_T* system_authentication_store_dup ( const SYSTEM_AUTHENTICATION_STORE_T store)

Copy an existing system authentication store structure.

system_authentication_store_free should be called on this pointer when no longer needed.

Parameters
storeThe system authentication store to be copied.

The returned structure is unsynchronized, so appropriate mutexes should be use if the structure is to be used concurrently.

Returns
A deep copy of a system authentication store.
SYSTEM_PRINCIPAL_T* system_principal_dup ( const SYSTEM_PRINCIPAL_T system_principal)

Copy an existing system principal structure.

system_principal_free should be called on this pointer when no longer needed.

Parameters
system_principalThe system principal to be copied.

The returned structure is unsynchronized, so appropriate mutexes should be use if the structure is to be used concurrently.

Returns
A deep copy of a system principal
SCRIPT_T* update_auth_store_abstain_anonymous_connections ( SCRIPT_T script)

Updates a script to add a command to abstain from decisions relating to anonymous connections.

Parameters
scriptThe script to update.
Returns
The updated script. (It is also modified in-place.)
SCRIPT_T* update_auth_store_add_locked_principal ( SCRIPT_T script,
const char *  principal,
const char *  password,
const LIST_T roles,
const char *  locking_principal 
)

Updates a script to add a command to add a new locked principal to the authentication store.

A locked principal can only be edited by the principal defined in the lock. The script will fail if the principal is already defined at the server.

Parameters
scriptThe script to update.
principalThe principal to add.
passwordThe unencoded password for the principal.
rolesA list of strings representing the roles to be assigned to the principal.
locking_principalThe name of the principal that can edit this principal
Returns
The updated script or NULL if either the principal or password are NULL.
SCRIPT_T* update_auth_store_add_principal ( SCRIPT_T script,
const char *  principal,
const char *  password,
const LIST_T roles 
)

Updates a script to add a command to add a new principal to the authentication store, and a list of roles assigned to them.

Parameters
scriptThe script to update.
principalThe principal to add.
passwordThe unencoded password for the principal.
rolesA list of strings representing the roles to be assigned to the principal.
Returns
The updated script or NULL if either the principal or password are NULL.
SCRIPT_T* update_auth_store_allow_anonymous_connections ( SCRIPT_T script,
const LIST_T roles 
)

Updates a script to add a command to allow anonymous connections, and a list of roles those connections should have.

Parameters
scriptThe script to update.
rolesA list of strings representing the roles to be assigned to the anonymous user.
Returns
The updated script. (It is also modified in-place.)
SCRIPT_T* update_auth_store_assign_roles ( SCRIPT_T script,
const char *  principal,
const LIST_T roles 
)

Updates a script to assign roles to an existing principal.

Parameters
scriptThe script to update.
principalThe principal whose roles are to be updated.
rolesA list of strings representing the roles to be assigned to the principal.
Returns
The updated script or NULL if the principal is NULL.
SCRIPT_T* update_auth_store_deny_anonymous_connections ( SCRIPT_T script)

Updates a script to add a command to deny anonymous connections.

Parameters
scriptThe script to update.
Returns
The updated script. (It is also modified in-place.)
SCRIPT_T* update_auth_store_ignore_client_proposed_property ( SCRIPT_T script,
const char *  property_name 
)

Updates a script to specify that a client proposed session property should be ignored.

Specifies the name of a client proposed session property that should be ignored by the system authenticator. This cancels the effect of a previous trust of the named property.

Parameters
scriptThe script to update.
property_nameThe name of the client proposed property to be ignored
Returns
The updated script. (It is also modified in-place.)
SCRIPT_T* update_auth_store_remove_principal ( SCRIPT_T script,
const char *  principal 
)

Updates a script to add a command to remove an existing principal from the authentication store.

Parameters
scriptThe script to update.
principalThe principal to remove.
Returns
The updated script or NULL if the principal is NULL.
SCRIPT_T* update_auth_store_set_password ( SCRIPT_T script,
const char *  principal,
const char *  password 
)

Updates a script to change the password for an existing principal.

Parameters
scriptThe script to update.
principalThe principal whose password is to be changed.
passwordThe unencoded password for the principal.
Returns
The updated script. (It is also modified in-place.)
SCRIPT_T* update_auth_store_trust_client_proposed_property_in ( SCRIPT_T script,
const char *  property_name,
const SET_T allowed_values 
)

Updates a script to specify a client proposed session property and its allowed values.

Specifies the name of a client proposed session property that should be allowed by the system authenticator along with a set of permissible values. The property will only be allowed if the supplied value matches one of those in the set of values specified.

Parameters
scriptThe script to update.
property_nameThe name of the client proposed property to be allowed
allowed_valuesThe set of allowed values for the client proposed property
Returns
The updated script. (It is also modified in-place.)
SCRIPT_T* update_auth_store_trust_client_proposed_property_matches ( SCRIPT_T script,
const char *  property_name,
const char *  regular_expression 
)

Updates a script to specify a client proposed session property and a regular expression to validate its value.

Specifies the name of a client proposed session property that should be allowed by the system authenticator along with a regular expression to validate the property value. The property will only be allowed if the supplied value matches with the regular expression.

Parameters
scriptThe script to update.
property_nameThe name of the client proposed property to be allowed
regular_expressionThe regular expression which will be matched against supplied values to determine whether they are valid
Returns
The updated script. (It is also modified in-place.)
SCRIPT_T* update_auth_store_verify_password ( SCRIPT_T script,
const char *  principal,
const char *  password 
)

Updates a script to include a command to verify a principal's password.

This command does not update the store. It can be used in conjunction with setPassword to create a script that updates a password only if the previous password is supplied.

Parameters
scriptThe script to update.
principalThe principal whose password is to be verified.
passwordThe unencoded password for the principal.
Returns
The updated script. (It is also modified in-place.)
void update_system_authentication_store ( SESSION_T session,
const UPDATE_SYSTEM_AUTHENTICATION_STORE_PARAMS_T  params 
)

Send updates to the system authentication store.

Parameters
sessionThe current session. If NULL, this function returns immediately.
paramsParameter structure describing the updates to perform and callbacks to handle success or failure notifications.