GSS_AUTH_RULES(7) | Standards, Environments, and Macros | GSS_AUTH_RULES(7) |
gss_auth_rules - overview of GSS authorization
The establishment of the veracity of a user's credentials requires both authentication (Is this an authentic user?) and authorization (Is this authentic user, in fact, authorized?).
When a user makes use of Generic Security Services (GSS) versions of the ftp or ssh clients to connect to a server, the user is not necessarily authorized, even if his claimed GSS identity is authenticated, Authentication merely establishes that the user is who he says he is to the GSS mechanism's authentication system. Authorization is then required: it determines whether the GSS identity is permitted to access the specified Solaris user account.
The GSS authorization rules are as follows:
/etc/passwd
See attributes(7) for a description of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
Interface Stability | Evolving |
ftp(1), ssh(1), gss_compare_name(3GSS), passwd(5), attributes(7), krb5_auth_rules(7), gsscred(8)
April 13, 2004 | OmniOS |