Open Ethernet Networking (OpEN) API Guide and Reference Manual  3.6.0.3
Authorization

Authorization is the process of granting or denying a user access to network resources once the user has been authenticated through the username and password. The amount of information and the amount of services the user has access to depend on the user's authorization level.

Authorization OpEN API

This document provides a brief description of the Authorization OpEN APIs. The Authorization OpEN APIs allow processes outside of the ICOS main process (switchdrvr) access to Authorization services. It provides the following services:

All 'Set' operations may affect the Switch behavior and configuration.

Example C Application authorization_example

Initialization

In the main function, the sample application initializes the OpEN API RPC service by calling openapiClientRegister() and waits for the RPC service in switchdrvr to start. A Client Handle is returned by openapiClientRegister() which is used while invoking the OpEN APIs. The application then exercises the associated OpEN APIs and logs informational and/or error messages on the console. The example application runs to its completion and exits.

authorization_example

authorization_example.c is a sample application that demonstrates the use of the Authorization OpEN APIs. authorization_example is started from the command line and has the following usage syntax:

Usage: authorization_example <test#> <arg1> <arg2> ...

It exercises all the Authorization OpEN APIs with appropriate arguments to manage the Authorization feature in the ICOS main process (switchdrvr).

Authorization CLI/API Cross Reference

CLI Command OpEN API Reference
(Config)#
aaa authorization {commands|exec} {<list-name> | default} <method1> [<method2>...<methodn>]
openapiAuthorizationListCreate()
openapiAuthorizationMethodsAdd()
openapiAuthorizationListFirstGet()
openapiAuthorizationListNextGet()
openapiAuthorizationMethodListGet()
(Config)#
no aaa authorization {commands | exec} {<list-name> | default}
openapiAuthorizationListDelete()
(Line-Config Mode)#
authorization {commands | exec} {<list-name>|default}
openapiAuthorizationListLineSet()
openapiAuthorizationListLineGet()
(Line-Config Mode)#
no authorization {commands | exec}
openapiAuthorizationListLineDelete()