Main page Browse manuals Links

Manual page: krb5_kuserok(3)

KRB5_KUSEROK(3)        FreeBSD Library Functions Manual        KRB5_KUSEROK(3)

NAME

     krb5_kuserok -- verifies if a principal can log in as a user

LIBRARY

     Kerberos 5 Library (libkrb5, -lkrb5)

SYNOPSIS

     #include <krb5.h>

     krb5_boolean
     krb5_kuserok(krb5_context context, krb5_principal principal,
         const char *name);

DESCRIPTION

     This function takes a local user name and verifies if principal is
     allowed to log in as that user.

     First krb5_kuserok check if there is a local account name username. If
     there isn't, krb5_kuserok returns FALSE.

     Then krb5_kuserok checks if principal is the same as user@realm in any of
     the default realms. If that is the case, krb5_kuserok returns TRUE.

     After that it reads the file .k5login (if it exists) in the users home
     directory and checks if principal is in the file.  If it does exists,
     TRUE is returned.  If neither of the above turns out to be true, is
     returned.

     The .k5login should contain one principal per line.

SEE ALSO

     krb5_get_default_realms(3), krb5_verify_user(3),
     krb5_verify_user_lrealm(3), krb5_verify_user_opt(3,) krb5.conf(5)

HEIMDAL                          Oct 17, 2002                          HEIMDAL
Valid XHTML 1.0 and CSS2!
© 2008 FreeBSD7.com