Chapter 8. Scenario 1: GSS-API application 157
2. azn_decision_access_allowed
This function makes the actual authorization decision by comparing the
desired permissions with the client’s credential information. In order to
achieve this, the application passes in the client credentials, the name of the
protected resource, and the desired permissions. A AZN_C_PERMITTED
status signals positive permission. Otherwise the request is rejected. Please
note that unlike in the DCE example, credential checking and the
authorization decision are performed in a single function call.
8.5 Administration considerations and interfaces
This section points out the new considerations concerning administrative tasks
and interfaces. The overview comprises the transition ...