Next: Creation of the GAA
Up: GAA API functions
Previous: GAA API functions
The security context is a GAA API data structure.
It stores information relevant to access control.
Some of its constituents are listed here:
Verified authentication information, such as principal ID for a particular
security mechanism. To determine which entries apply, the GAA API checks if
the specified principal ID appears in an EACL entry that is paired with a
privilege for the type of access requested.
- Authorization Attributes
Verified authorization credentials, such as group membership, group
non-membership, delegation credentials, and capabilities.
- Evaluation and Retrieval Functions for Upcalls
These functions are called to evaluate application-specific conditions,
to request additional credentials, and to verify them.