To initiate security services the client sends an object identifier, which maps to a security mechanism, to the server when establishing a dialog. The server maps the object identifier to its own local name for the security mechanism. If the server does not support the requested security mechanism or does not support security sessions at all, the dialog request fails and Open Server returns an error.
Use of object identifiers allows local names for a security mechanism to be different on clients and servers. System administrators and application programmers can then develop their own separate local naming conventions for security mechanisms. See “Object identifiers” for more information about object identifiers.
Server-Library allows you to specify the principal name to be used when acquiring credentials. This principal name is the name by which the Open Server application is known to the security service provider. You can use the SRV_S_SEC_PRINCIPAL server property with the srv_props function to set the application’s principal name.
If not set, the principal name defaults to the Open Server application’s network name, which is generally specified through srv_init.
Open Server uses credentials when establishing security sessions with clients.
The login name of the client is obtained from the security session; whatever is specified in the login record is ignored.
See the Open Client Client-Library/C Reference Manual for information on the client’s role in using security services.
