The IAccessControl interface enables the management of access to objects and properties on the objects.
For Windows NT storage and Directory Service objects, the IAccessControl interface makes use of the access providers as used by the Win32 Access Control APIs (ACCESS5). Other implementations will be responsible for converting from the given access information format into the required format.
Distributed COM provides an implementation of the IAccessControl interface. To get a pointer to this implementation, call CoCreateInstance, specifying CLSID_DCOMAccessControl as the CLSID.
This implementation supports the IPersist interface to save the state of your access control object.
NOTE
If you decide to implement IAccessControl and pass your implementation to CoInitializeSecurity, you must ensure that it is completely thread-safe, because COM can call it on any thread, at any time.
When to Use Call methods of the IAccessControl interface to manage access to objects and properties on the objects, and to get access information. Its primary use is when you set process-wide security with a call to CoInitializeSecurity, specifying EOAC_ACCESS_CONTROL as the capability flag, and providing a pointer to an instance of IAccessControl as the first (pVoid) parameter. COM then calls its methods to determine access rights.
| IUnknown Methods | Description |
|---|---|
| QueryInterface | Returns pointers to supported interfaces. |
| AddRef | Increments reference count. |
| Release | Decrements reference count. |
| IAccessControl Methods | Description |
|---|---|
| GrantAccessRights | Merges the new ACTRL_ACCESS list with the existing access rights on the object |
| SetAccessRights | Replaces existing access rights with the specified list |
| SetOwner | Sets an item's owner or group |
| RevokeAccessRights | Removes explicit entries for the list of trustees |
| GetAllAccessRights | Gets the entire list of access rights and/or the owner and group for the object |
| IsAccessAllowed | Determines if the trustee has access to the object/property |
Windows NT: Use version 4.0 or later.
Windows: Available as a Windows 95 redistributable.
Windows CE: Unsupported.
Header: Declared in oleext.h.
CoInitializeSecurity, Setting Process-wide Security with CoInitializeSecurity