Connect to the Purdue Home Page

Purdue University

Identity and Access Management

List Characteristics Command

'L' -- the List Characteristics Command The I2A2 authorizer DBM will return a simple comma-separated list of the characteristic numbers associated with an authenticated PUID in response to the list characteristics command.

Symbol

The puidnetd.h symbol for the list characteristics command is PUIDNETD_CMD_LSTCH.

Keys

These keys may be used to obtain a PUID's characteristics list. The field identifer symbols come from puidnetd.h.

  • a -- alias (PUIDNETD_DATA_AKA); do an exact match on the alias field value.
  • p -- PUID (PUIDNETD_DATA_PUID); do an exact match on the PUID field falue.

Authenticating a PUID to the Authorizer

A PUID is authenticated to the authorizer in exactly the same way it is authenticated to the I2A2 authenticator DBM. The only difference is that the client program connects to the authorizer's net daemon instead of the authenticator's.

After connecting to the authorizer's net daemon, the client program sends the authenticate command ('a', PUIDNETD_CMD_AUTHC) to it.

Upon receipt of a positive acknowledgement reply, 'a', the client program may request a list of the characteristics associated with the authenticated PUID.

Requesting a Characteristics List

Once a PUID has been authenticated, its characteristics list may be requested by sending the 'L' (PUIDNETD_CMD_LSTCH) function to the authorizer's net daemon.

The function must be accompanied by an identity, either the authenticated PUID or its alias.

The characteristics list will be returned in a positive acknowledgement reply, 'a'.

Note: each authentication in the same connection to the authorizer's net daemon clears the net daemon's memory of the previously authenticated PUID. Thus, only the most recently authenticated PUID's characteristics list is available; each successful authentication of a PUID renders the previously authenticated PUID's characteristic list unavailable.

Reply

A positive acknowledgement (ACK) reply message may contain these fields. The field identifier symbols come from puidnetd.h.

  • a -- an alias (PUIDNETD_DATA_AKA);
  • L -- a comma-separated characteristics list (PUIDNETD_AUTHZ_CHL);
  • N -- a common name (PUIDNETD_DATA_CNM);
  • p - a PUID (PUIDNETD_DATA_PUID).

A negative acknowledgement (NAK) reply will contain these fields:

  • e -- an error code (PUIDNETD_DATA_ERRC);
  • e -- an error code (PUIDNETD_DATA_ERRC);

Characteristics List Field

A simple comma-separated characteristic number list is returned in a PUIDNETD_AUTHZ_CHL ('L') field.

Here's an example:

L1536,2066,0

Example

Here's a complete example, including a sample authentication request.

a p12345678 @Rpurdue Pbase-64-password==\t@\t\r\n
a...
L\tp12345678\t\r\n
a\taalias p12345678\Nname L0,1536

Where:

a p12345678... -- is the authentication request.

a... -- is the ACK to the authentication request.

L p12345678... -- is the list characteristics request.

a a... -- is the ACK to the list characteristics request.

L0,1536 -- is the returned characteristic number list.

Converting Characteristic Numbers to Names

See the description of the characteristic lookup command for more information in converting characteristic numbers to characteristic names.

Feedback | Contact Purdue | Style Standards
Maintained by: IAMO Team

Purdue University, West Lafayette, IN 47907, (765) 494-4600
© 2010 - 2013 Purdue University | An equal access/equal opportunity university | Copyright Complaints
If you have trouble accessing this page because of a disability, please contact the CSC at itap@purdue.edu or (765) 494-4000.