xref: /freebsd/crypto/heimdal/lib/krb5/krb5_aname_to_localname.3 (revision 0b3105a37d7adcadcb720112fed4dc4e8040be99)
1.\" Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan
2.\" (Royal Institute of Technology, Stockholm, Sweden).
3.\" All rights reserved.
4.\"
5.\" Redistribution and use in source and binary forms, with or without
6.\" modification, are permitted provided that the following conditions
7.\" are met:
8.\"
9.\" 1. Redistributions of source code must retain the above copyright
10.\"    notice, this list of conditions and the following disclaimer.
11.\"
12.\" 2. Redistributions in binary form must reproduce the above copyright
13.\"    notice, this list of conditions and the following disclaimer in the
14.\"    documentation and/or other materials provided with the distribution.
15.\"
16.\" 3. Neither the name of the Institute nor the names of its contributors
17.\"    may be used to endorse or promote products derived from this software
18.\"    without specific prior written permission.
19.\"
20.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
21.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
24.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30.\" SUCH DAMAGE.
31.\"
32.\" $Id$
33.\"
34.Dd February 18, 2006
35.Dt KRB5_ANAME_TO_LOCALNAME 3
36.Os HEIMDAL
37.Sh NAME
38.Nm krb5_aname_to_localname
39.Nd converts a principal to a system local name
40.Sh LIBRARY
41Kerberos 5 Library (libkrb5, -lkrb5)
42.Sh SYNOPSIS
43.In krb5.h
44.Ft krb5_boolean
45.Fo krb5_aname_to_localname
46.Fa "krb5_context context"
47.Fa "krb5_const_principal name"
48.Fa "size_t lnsize"
49.Fa "char *lname"
50.Fc
51.Sh DESCRIPTION
52This function takes a principal
53.Fa name ,
54verifies that it is in the local realm (using
55.Fn krb5_get_default_realms )
56and then returns the local name of the principal.
57.Pp
58If
59.Fa name
60isn't in one of the local realms an error is returned.
61.Pp
62If the size
63.Fa ( lnsize )
64of the local name
65.Fa ( lname )
66is too small, an error is returned.
67.Pp
68.Fn krb5_aname_to_localname
69should only be use by an application that implements protocols that
70don't transport the login name and thus needs to convert a principal
71to a local name.
72.Pp
73Protocols should be designed so that they authenticate using
74Kerberos, send over the login name and then verify the principal
75that is authenticated is allowed to login and the login name.
76A way to check if a user is allowed to login is using the function
77.Fn krb5_kuserok .
78.Sh SEE ALSO
79.Xr krb5_get_default_realms 3 ,
80.Xr krb5_kuserok 3
81