GNU/Linux man pages
Livre :
Expressions régulières,
Syntaxe et mise en oeuvre :
GNU/Linux |
RedHat 6.2(Zoot) |
|
 |
ldap_bind_s(3) |
 |
ldap_bind, ldap_bind_s, ldap_simple_bind, ldap_simple_bind_s, ldap_kerberos_bind_s, ldap_kerberos_bind1, ldap_kerberos_bind1_s, ldap_kerberos_bind2, ldap_kerberos_bind2_s, ldap_unbind, ldap_unbind_s, ldap_set_rebind_proc − LDAP bind routines
#include
<lber.h>
#include <ldap.h>
int
ldap_bind(ld, who, cred, method)
LDAP *ld;
char *who, *cred;
int method;
int
ldap_bind_s(ld, who, cred, method)
LDAP *ld;
char *who, *cred;
int method;
int
ldap_simple_bind(ld, who, passwd)
LDAP *ld;
char *who, *passwd;
int
ldap_simple_bind_s(ld, who, passwd)
LDAP *ld;
char *who, *passwd;
int
ldap_kerberos_bind_s(ld, who)
LDAP *ld;
char *who;
int
ldap_kerberos_bind1(ld, who)
LDAP *ld;
char *who;
int
ldap_kerberos_bind1_s(ld, who)
LDAP *ld;
char *who;
int
ldap_kerberos_bind2(ld, who)
LDAP *ld;
char *who;
int
ldap_kerberos_bind2_s(ld, who)
LDAP *ld;
char *who;
int
ldap_unbind(ld)
LDAP *ld;
int
ldap_unbind_s(ld)
LDAP *ld;
void
ldap_set_rebind_proc( ld, rebindproc )
LDAP *ld;
int (*rebindproc)();
These routines provide various interfaces to the LDAP bind operation. After a connection is made to an LDAP server using ldap_open(3), an LDAP bind operation must be performed before other operations can be attempted over the conection. Both synchronous and asynchronous versions of each variant of the bind call are provided. There are three types of calls, providing simple authentication, kerberos authentication, and general routines to do either one. All routines take ld as their first parameter, as returned from ldap_open(3).
The simplest form of the bind call is ldap_simple_bind_s(). It takes the DN to bind as in who, and the userPassword associated with the entry in passwd. It returns an LDAP error indication (see ldap_error(3)). The ldap_simple_bind() call is asynchronous, taking the same parameters but only initiating the bind operation and returning the message id of the request it sent. The result of the operation can be obtained by a subsequent call to ldap_result(3).
If the LDAP library and LDAP server being contacted have been compiled with the KERBEROS option defined, Kerberos version 4 authentication can be accomplished by calling the ldap_kerberos_bind_s() routine. It assumes the user already has obtained a ticket granting ticket. It takes who, the DN of the entry to bind as. This routine does both steps of the kerberos binding process synchronously. The ldap_kerberos_bind1_s() and ldap_kerberos_bind2_s() routines allow synchronous access to the individual steps, authenticating to the LDAP server and DSA, respectively. The ldap_kerberos_bind1() and ldap_kerberos_bind2() routines provide equivalent asynchronous access.
The ldap_bind() and ldap_bind_s() routines can be used when the authentication method to use needs to be selected at runtime. They both take an extra method parameter selecting the authentication method to use. It should be set to one of LDAP_AUTH_SIMPLE, LDAP_AUTH_KRBV41, or LDAP_AUTH_KRBV42, to select simple authentication, kerberos authentication to the LDAP server, or kerberos authentication to the DSA, respectively. ldap_bind() returns the message id of the request it initiates. ldap_bind_s() returns an LDAP error indication.
The ldap_unbind() call is used to unbind from the directory, terminate the current association, and free the resources contained in the ld structure. Once it is called, the connection to the LDAP server is closed, and the ld structure is invalid. The ldap_unbind_s() call is just another name for ldap_unbind(); both of these calls are synchronous in nature.
The ldap_set_rebind_proc() call is used to set a routine that will be called back to obtain bind credentials used when a new server is contacted during the following of an LDAP referral. Note that this function is only available when the LDAP libraries are compiled with LDAP_REFERRALS defined and is only used when the ld_options field in the LDAP structure has LDAP_OPT_REFERRALS set (this is the default). If ldap_set_rebind_proc() is never called, or if it is called with a NULL rebindproc parameter, an unauthenticated simple LDAP bind will always be done when chasing referrals.
rebindproc should be a function that is declared like this:
int rebindproc(
LDAP *ld, char **whop, char **credp,
int *methodp, int freeit );
The LDAP library will first call the rebindproc to obtain the referral bind credentials, and the freeit parameter will be zero. The whop, credp, and methodp should be set as appropriate. If the rebindproc returns LDAP_SUCCESS, referral processing continues, and the rebindproc will be called a second time with freeit non-zero to give your application a chance to free any memory allocated in the previous call.
If anything but LDAP_SUCCESS is returned by the first call to the rebindproc, then referral processing is stopped and that error code is returned for the original LDAP operation.
Asynchronous routines will return -1 in case of error, setting the ld_errno parameter of the ld structure. Synchronous routines return whatever ld_errno is set to. See ldap_error(3) for more information.
ldap(3), ldap_error(3), ldap_open(3)
OpenLDAP is developed and maintained by The OpenLDAP Project (http://www.openldap.org/). OpenLDAP is derived from University of Michigan LDAP 3.3 Release.
|
ldap_bind_s(3) | |