Library /sys$common/syshlp/helplib.hlb  —  CDSA  CDSA_API, CSSM CSP GetLoginAcl
 NAME

   CSSM_CSP_GetLoginAcl - Get description of CSP ACL entries (CDSA)

 SYNOPSIS

   # include <cssm.h>

        CSSM_RETURN CSSMAPI CSSM_CSP_GetLoginAcl
        (CSSM_CSP_HANDLE CSPHandle,
        const CSSM_STRING *SelectionTag,
        uint32 *NumberOfAclInfos,
        CSSM_ACL_ENTRY_INFO_PTR *AclInfos)

 LIBRARY

   Common Security Services Manager library (CDSA$INCSSM300_SHR.EXE)

 PARAMETERS

   CSPHandle (input)
           The module handle that identifies the cryptographic service
           provider to perform this operation.

   SelectionTag (input/optional)
           A CSSM_STRING value matching the user-defined tag value
           associated with one or more ACL entries controlling login
           sessions. To retrieve a description of all ACL entries
           controlling login sessions, this parameter must be NULL.

   NumberOfAclInfos (output)
           The number of entries in the AclInfos array. If no ACL entry
           descriptions are returned, this value is zero.

   AclInfos (output)
           An array of CSSM_ACL_ENTRY_INFO structures. The unique
           handle contained in this structure can be used during the
           current attach session and the current login session to
           reference specific ACL entries for editing.  The structure
           is allocated by the service provider and must be released by
           the caller when the structure is no longer needed. If no ACL
           entry descriptions are returned, this value is NULL.

 DESCRIPTION

   This function returns a description of zero or more ACL entries
   managed by the CSP and used to control login sessions with the CSP.
   The optional input SelectionTag parameter restricts the returned
   descriptions to those ACL entries with a matching EntryTag value.
   If a SelectionTag value is specified and no matches are found, zero
   descriptions are returned. If no SelectionTag is specified, a
   description of all ACL entries used to control login sessions are
   returned by this function.

   Each AclInfo structure contains:

     ·  Public contents of an ACL entry

     ·  ACL EntryHandle, which is a unique value defined and managed by
        the service provider

   The public ACL entry information returned by this function includes:

     ·  Subject type -- A CSSM_LIST structure containing one element
        identifying the type of subject stored in the ACL entry.

     ·  Delegation flag -- A CSSM_BOOL value indicating whether
        the subject can delegate the permissions recorded in the
        authorization array.

     ·  Authorization array -- A CSSM_AUTHORIZATIONGROUP structure
        defining the set of operations for which permission is granted
        to the subject.

     ·  Validity period -- A CSSM_ACL_VALIDITY_PERIOD structure
        containing two elements, the start time and the stop time
        for which the ACL entry is valid.

     ·  ACL entry tag -- A CSSM_STRING containing a user-defined value
        associated with the ACL entry.

 RETURN VALUE

   A CSSM_RETURN value indicating success or specifying a particular
   error condition. The value CSSM_OK indicates success. All other values
   represent an error condition.

 ERRORS

   Errors are described in the CDSA technical standard.  See CDSA.

   None specific to this call.

 SEE ALSO

   Books

   Intel CDSA Application Developer's Guide (see CDSA)

   Other Help Topics

   Functions: CSSM_CSP_Login
              CSSM_CSP_LoginAcl
              CSSM_CSP_Logout
Close Help