The GSS-API Programming Guide explains the Generic Security Services Application Programming Interface — the GSS-API. The GSS-API is a framework that allows developers to write applications that take advantage of security mechanisms such as Kerberos v5, without having to explicitly program for any one mechanism. Programs using the GSS-API therefore can be highly portable, not only from one platform to another, but from one security setup to another and from one transport protocol to another. The GSS-API provides several levels of data protection, consistent with the underlying security mechanims that have been implemented on a system.
The GSS-API Programming Guide is intended for C-language developers who want to write programs that transfer data from one application to another securely, such as client-server programs. No specific knowledge of transport protocols or network programming is necessary to understand or use the GSS-API. (Of course, you will need to understand these areas in order to write networking applications, since the GSS-API does not itself perform transport.)
You should be familiar with C programming. A basic knowledge of security mechanisms is helpful but not required. You do not need to have specialized knowledge about network programming to use this book.
Chapter 1, The GSS-API: An Overview provides an overview of the GSS-API. It explains the general steps involved in using the GSS-API, covers the basic concepts, and details a few of the most important functions.
Chapter 2, A Walk–Through of the Sample GSS-API Programs is a walk-through of the sample programs listed in Appendix A, Sample C–Based GSS-API Programs.
Appendix A, Sample C–Based GSS-API Programs is a program listing for two sample programs: a GSS-API client and a GSS-API server.
Appendix B, GSS-API Reference provides reference information on GSS-API functions, status codes, and data types.
Appendix C, Specifying an OID is a short discussion about specifying a security mechanism in the GSS-API.
Appendix D, Sun-Specific Features explains some features that are unique to Sun's implementation of the GSS-API.
Appendix E, Kerberos v5 Status Codes contains tables showing the status codes returned by the Kerberos v5 security mechanism.
Glossary is a list of words and phrases found in this book and their definitions.
You might find the following to be helpful:
Two documents provide descriptions of the GSS-API (and are somewhat more oriented toward the GSS-API implementor than to the application developer). The Generic Security Service Application Program Interface document (ftp://ftp.isi.edu/in-notes/rfc2743.txt) provides a conceptual overview of the GSS-API, while the Generic Security Service API Version 2: C-Bindings document (ftp://ftp.isi.edu/in-notes/rfc2744.txt) discusses the specifics of the C-language-based GSS-API.
Fatbrain.com, an Internet professional bookstore, stocks select product documentation from Sun Microsystems, Inc.
For a list of documents and how to order them, visit the Sun Documentation Center on Fatbrain.com at http://www1.fatbrain.com/documentation/sun.
The docs.sun.comSM Web site enables you to access Sun technical documentation online. You can browse the docs.sun.com archive or search for a specific book title or subject. The URL is http://docs.sun.com.
The following table describes the typographic changes used in this book.
Table P–1 Typographic Conventions
Typeface or Symbol |
Meaning |
Example |
---|---|---|
AaBbCc123 | The names of commands, files, and directories; on-screen computer output |
Edit your .login file. Use ls -a to list all files. machine_name% you have mail. |
AaBbCc123 | What you type, contrasted with on-screen computer output |
machine_name% su Password: |
AaBbCc123 | Command-line placeholder: replace with a real name or value |
To delete a file, type rm filename. |
AaBbCc123 |
Book titles, new words, or terms, or words to be emphasized. |
Read Chapter 6 in User's Guide. These are called class options. You must be root to do this. |
The following table shows the default system prompt and superuser prompt for the C shell, Bourne shell, and Korn shell.
Table P–2 Shell Prompts
Shell |
Prompt |
---|---|
C shell prompt | machine_name% |
C shell superuser prompt | machine_name# |
Bourne shell and Korn shell prompt | $ |
Bourne shell and Korn shell superuser prompt | # |