[ Bottom of Page | Previous Page | Next Page | Contents | Index | Library Home | Legal | Search ]

Technical Reference: Communications, Volume 2

kvalid_user Subroutine


This routine maps the DCE principal to the local user account and determines if the DCE principal is allowed access to the account.


Valid User Library (libvaliduser.a)


int kvalid_user (char *princ_name, char *local_user)


This routine is called when Kerberos 5 authentication is configured to determine if the incoming Kerberos 5 ticket should allow access to the local account.

This routine determines whether the DCE principal, specified by the princ_name parameter, is allowed access to the user's account identified by the local_user parameter. The routine accesses the $HOME/.k5login file for the users account. It looks for the string pointed to by princ_name in that file.

Access is granted if one of two things is true.

  1. The $HOME/.k5login file exists and the princ_name is in it.
  2. The $HOME/.k5login file does NOT exist and the DCE principal name is the same as the local user's name.


princ_name This parameter is a single-string representation of the Kerberos 5 principal. The Kerberos 5 libraries have two services, krb5_unparse_name and krb5_parse_name, which convert a krb5_principal structure to and from a single-string format. This routine expects the princ_name parameter to be a single-string form of the krb5_principal structure.
local_user This parameter is the character string holding the name of the local account.

Return Values

If the user is allowed access to the account, the kvalid_user routine returns TRUE.

If the user is NOT allowed access to the account or there was an error, the kvalid_user routine returns FALSE.

Related Information

The ftp command, rcp command, rlogin command, rsh command, telnet, tn, or tn3270 command.

Using a .k5login file.

Network Overview in AIX 5L Version 5.2 System Management Guide: Communications and Networks.

Secure Rcmds in AIX 5L Version 5.2 System User's Guide: Communications and Networks.

[ Top of Page | Previous Page | Next Page | Contents | Index | Library Home | Legal | Search ]