Main index | Section 3 | Options |
#include <krb5.h>
The krb5_verify_user_lrealm() function does the same, except that it ignores the realm in principal and tries all the local realms (see krb5.conf(5)). After a successful return, the principal is set to the authenticated realm. If the call fails, the principal will not be meaningful, and should only be freed with krb5_free_principal(3).
krb5_verify_opt_alloc() and krb5_verify_opt_free() allocates and frees a krb5_verify_opt. You should use the the alloc and free function instead of allocation the structure yourself, this is because in a future release the structure wont be exported.
krb5_verify_opt_init() resets all opt to default values.
None of the krb5_verify_opt_set function makes a copy of the data structure that they are called with. It's up the caller to free them after the krb5_verify_user_opt() is called.
krb5_verify_opt_set_ccache() sets the ccache that user of opt will use. If not set, the default credential cache will be used.
krb5_verify_opt_set_keytab() sets the keytab that user of opt will use. If not set, the default keytab will be used.
krb5_verify_opt_set_secure() if secure if true, the password verification will require that the ticket will be verified against the locally stored service key. If not set, default value is true.
krb5_verify_opt_set_service() sets the service principal that user of opt will use. If not set, the ‘host’ service will be used.
krb5_verify_opt_set_flags() sets flags that user of opt will use. If the flag KRB5_VERIFY_LREALMS is used, the principal will be modified like krb5_verify_user_lrealm() modifies it.
krb5_verify_user_opt() function verifies the password supplied by a user. The principal whose password will be verified is specified in principal. Options the to the verification process is pass in in opt.
#include <krb5.h>int main(int argc, char **argv) { char *user; krb5_error_code error; krb5_principal princ; krb5_context context;
if (argc != 2) errx(1, "usage: verify_passwd <principal-name>");
user = argv[1];
if (krb5_init_context(&context) < 0) errx(1, "krb5_init_context");
if ((error = krb5_parse_name(context, user, &princ)) != 0) krb5_err(context, 1, error, "krb5_parse_name");
error = krb5_verify_user(context, princ, NULL, NULL, TRUE, NULL); if (error) krb5_err(context, 1, error, "krb5_verify_user");
return 0; }
HEIMDAL | KRB5_VERIFY_USER (3) | May 1, 2006 |
Main index | Section 3 | Options |
Please direct any comments about this manual page service to Ben Bullock. Privacy policy.
“ | "I liken starting one's computing career with Unix, say as an undergraduate, to being born in East Africa. It is intolerably hot, your body is covered with lice and flies, you are malnourished and you suffer from numerous curable diseases. But, as far as young East Africans can tell, this is simply the natural condition and they live within it. By the time they find out differently, it is too late. They already think that the writing of shell scripts is a natural act." | ” |
— Ken Pier, Xerox PARC |