Provided by: heimdal-dev_7.8.git20221117.28daf24+dfsg-9ubuntu1_amd64 bug

NAME
       krb5_aname_to_localname — converts a principal to a system local name


LIBRARY
       Kerberos 5 Library (libkrb5, -lkrb5)


SYNOPSIS
       #include <krb5.h>

       krb5_boolean
       krb5_aname_to_localname(krb5_context context, krb5_const_principal name, size_t lnsize, char *lname);


DESCRIPTION
       This   function   takes   a   principal   name,   verifies   that   it  is  in  the  local  realm  (using
       krb5_get_default_realms()) and then returns the local name of the principal.

       If name isn't in one of the local realms an error is returned.

       If the size (lnsize) of the local name (lname) is too small, an error is returned.

       krb5_aname_to_localname() should only be use by an  application  that  implements  protocols  that  don't
       transport the login name and thus needs to convert a principal to a local name.

       Protocols  should be designed so that they authenticate using Kerberos, send over the login name and then
       verify the principal that is authenticated is allowed to login and the login name.  A way to check  if  a
       user is allowed to login is using the function krb5_kuserok().


SEE ALSO
       krb5_get_default_realms(3), krb5_kuserok(3)

HEIMDAL                                         February 18, 2006                     KRB5_ANAME_TO_LOCALNAME(3)