SetHintValue

Stores data needed during authorization as a key-value pair.

Declaration

int (*)(struct __OpaqueAuthorizationEngine *, const char *, const struct AuthorizationValue *) SetHintValue;

Parameters

inEngine:
An opaque handle that is passed to your plug-in when the authorization engine calls your Mechanismcreate function.
inKey:
A key identifying the value you are storing. For standard values such as a time stamp, use the keys listed in DirectoryService/DirServicesConst.h. If you need to define a new key, make sure the key is unique. For example, you can use your company name as a prefix for the key name.
inValue:
A pointer to an Authorizationvalue structure that contains the size of the data and a pointer to the data. Both the structure and the data are copied to storage maintained by the authorization engine.

Mentioned in

Extending authorization services with plug-ins

Return Value

A result code. Possible results are errAuthorizationSuccess (no error) and errAuthorizationInternal (Security Server internal error).

Discussion

Your plug-in authorization mechanism can save and retrieve auxiliary information—called hints—for use by subsequent mechanisms that are part of the same authorization. You use the SetHintValue function to have the Security Server store this data and the GetHintValue function to retrieve it. Hints are not preserved as part of the authorization result; once all mechanisms have approved the authorization or any mechanism has denied it, the security engine disposes of the hints.

The authorization engine sends you the entry point to the SetHintValue function in an AuthorizationCallbacks structure when you call the AuthorizationPluginCreate function.