EOLE_AUTHENTICATION_CAPABILITIES

[This is preliminary documentation and subject to change.]

The EOLE_AUTHENTICATION_CAPABILITIES enumeration constants set various capabilities in CoInitializeSecurity and IClientSecurity::SetBlanket (or its helper function CoSetProxyBlanket.

It has the following definition:

typedef enum tagEOLE_AUTHENTICATION_CAPABILITIES  
{ 
    EOAC_NONE                    = 0x0,  
    EOAC_DEFAULT                 = 0x800,  
    EOAC_MUTUAL_AUTH             = 0x1,  
    EOAC_STATIC_CLOAKING         = 0x20,  
    EOAC_DYNAMIC_CLOAKING        = 0x40,  
    EOAC_ANY_AUTHORITY           = 0x80,  
// These are only valid for CoInitializeSecurity
    EOAC_SECURE_REFS             = 0x2, 
    EOAC_ACCESS_CONTROL          = 0x4, 
    EOAC_APPID                   = 0x8, 
    EOAC_MAKE_FULLSIC            = 0x100, 
    EOAC_REQUIRE_FULLSIC         = 0x200, 
    EOAC_AUTO_IMPERSONATE        = 0x400 
} EOLE_AUTHENTICATION_CAPABILITIES; 
 

Elements

EOAC_NONE

Indicates that no capability flags are set.

EOAC_DEFAULT

Tells DCOM to pick the capabilities using its normal security blanket negotiation algorithm. This value can be used with Windows NT 5.0 and later versions.

EOAC_MUTUAL_AUTH

Unused. If this flag is specified, it will be ignored. Support for mutual authentication is automatically provided by some authentication services. See COM and Security Packages for more information.

EOAC_STATIC_CLOAKING

Sets static cloaking. When this flag is set, DCOM uses the thread token (if present) when determining the client's identity. However, the client's identity is determined on the first call on each proxy (if SetBlanket is not called) and each time CoSetProxyBlanket is called on the proxy. This value can be used with Windows NT 5.0 and later versions. For more information about static cloaking, see Cloaking.

EOAC_DYNAMIC_CLOAKING

Sets dynamic cloaking. When this flag is set, DCOM uses the thread token (if present) when determining the client's identity. Unlike static cloaking, the current thread token is used to determine the client's identity on each call to a proxy. This capability is extremely expensive. This value can be used with Windows NT 5.0 and later versions. For more information about dynamic cloaking, see Cloaking.

EOAC_ANY_AUTHORITY

Tells DCOM to trust an SSL server certificate even if the top level certificate authority is not trusted. That is, when a call arrives using SSL, DCOM will allow the call even if the top level certificate authority is not installed on the machine. This value can be used with Windows NT 5.0 and later versions.

EOAC_SECURE_REFS

Authenticates distributed reference count calls to prevent malicious users from releasing objects. If this capability flag is set in CoInitializeSecurity, the authentication level (in dwAuthnLevel) cannot be set to none.

EOAC_ACCESS_CONTROL

Indicates that the pVoid parameter to CoInitializeSecurity is a pointer to an IAccessControl interface on an access control object. When DCOM makes security checks, it calls IAccessControl::IsAccessAllowed.

EOAC_APPID

Indicates that the pVoid parameter to CoInitializeSecurity is a pointer to a GUID that is an AppID. The CoInitializeSecurity function looks up the AppID in the registry and reads the security settings from there. If this flag is set, all other parameters to CoInitializeSecurity are ignored and must be zero. For more information about this capability flag, see the Remarks below.

EOAC_MAKE_FULLSIC

Causes DCOM to generate SSL principal names in marshalled interfaces in the fullsic form by default. This value can be used with Windows NT 5.0 and later versions.

EOAC_REQUIRE_FULLSIC

Causes DCOM to fail CoUnmarshalInterface for any interface that contains an SSL principal name that is not in the fullsic form. This value can be used with Windows NT 5.0 and later versions.

EOAC_AUTO_IMPERSONATE

Tells DCOM to impersonate every call before dispatching to the application. When this capability flag is set, the dwAuthnLevel parameter must not be set to RPC_C_AUTHN_LEVEL_NONE. For more information on auto-impersonation, see the Impersonation section. This value can be used with Windows NT 5.0 and later versions.

Remarks

When the EOAC_APPID flag is set, CoInitializeSecurity looks for the authentication level under the AppID. If the authentication level is not found, it looks for the default authentication level. If the default authentication level is not found, it generates a default authentication level of connect. If the authentication level is not RPC_C_AUTHN_LEVEL_NONE, CoInitializeSecurity looks for the access permission value under the AppID. If not found, it looks for the default access permission value. If not found, it generates a default access permission. All the other security settings are determined the same way as for a legacy application.

The IClientSecurity::SetBlanket method and CoSetProxyBlanket function return an error if you set any of the following flags in the capabilities parameter: EOAC_SECURE_REFS, EOAC_ACCESS_CONTROL, EOAC_APPID, EOAC_MAKE_FULLSIC, EOAC_REQUIRE_FULLSIC, or EOAC_AUTO_IMPERSONATION.

The CoInitializeSecurity function returns an error if both the EOAC_APPID and EOAC_ACCESS_CONTROL flags are set. Also, CoInitializeSecurity and IClientSecurity::SetBlanket return errors if both cloaking flags are set.

Because SSL does not support cloaking, if either cloaking flag is specified to CoInitializeSecurity in the dwCapabilities parameter, either or both of the two following things may happen: If SSL is specified in pAuthInfo, CoInitializeSecurity will return E_INVALIDARG. If cAuthSvc is set to -1, DCOM will never pick SSL as the default authentication service for proxies.

For more information on the fullsic form for principal names, see COM and Security Packages.

See Also

CoInitializeSecurity, IClientSecurity::SetBlanket, CoSetProxyBlanket, IAccessControl