IServerSecurity::QueryBlanket
Called by the server to find out about the client that invoked one of its methods.
HRESULT QueryBlanket(
DWORD * pAuthnSvc, //Pointer to the current authentication
// service
DWORD * pAuthzSvc, //Pointer to the current authorization
// service
OLECHAR ** pServerPrincName,
//Pointer to the current principal name
DWORD * pAuthnLevel, //Pointer to the current authentication level
DWORD * pImpLevel, //Reserved for future use; must be NULL
RPC_AUTHZ_HANDLE * pPrivs,
//Pointer to handle to privilege information
DWORD * pCapabilities //Pointer to flags indicating further
// capabilities
);
Parameter
-
pAuthnSvc
-
[out] Pointer to the current authentication service. This will be a single value taken from the list of RPC_C_AUTHN_xxx constants. If the caller specifies NULL, the current authentication service is not retrieved.
-
pAuthzSvc
-
[out] Pointer to the current authorization service. This will be a single value taken from the list of RPC_C_AUTHZ_xxx constants. If the caller specifies NULL, the current authorization service is not retrieved.
-
pServerPrincName
-
[out] Pointer to the current principal name. The string will be allocated by the callee using CoTaskMemAlloc, and must be freed by the caller using CoTaskMemFree when they are done with it. If the caller specifies NULL, the current principal name is not retrieved.
-
pAuthnLevel
-
[out] Pointer to the current authentication level. This will be a single value taken from the list of RPC_C_AUTHN_LEVEL_xxx constants. If the caller specifies NULL, the current authentication level is not retrieved.
-
pImpLevel
-
[out] Must be NULL. This parameter is reserved for future use.
-
pPrivs
-
[out] Pointer to a handle to the privilege information for the client application. The format of the structure is authentication service specific. The application should not write or free the memory. The information is only valid for the duration of the current call. If the caller specifies NULL, the current privilege information is not retrieved. For NTLMSSP, Kerberos, and SSL, this is the client's principal name. By default, SSL principal names will be in the msstd form. The fullsic form will be returned if EOAC_MAKE_FULLSIC is specified in the pCapabilities parameter. For more information on msstd and fullsic, see the SSL section of COM and Security Packages.
-
pCapabilities
-
[in, out] Pointer to return flags indicating capabilities of the call. If the caller specifies NULL, the current capabilities are not retrieved. For SSL, you can set the EOAC_MAKE_FULLSIC bit in *pCapabilities to request that the privilege information returned in *pPrivs be in fullsic form. Notice that since this parameter was previously only an [out] parameter, you may have to clear the EOAC_MAKE_FULLSIC bit in *pCapabilities to get the msstd form. For more information on msstd and fullsic, see the SSL section of COM and Security Packages.
Return Values
This method supports the standard return values E_INVALIDARG and E_OUTOFMEMORY, as well as the following:
-
S_OK
-
Success.
Remarks
IServerSecurity::QueryBlanket is used by the server to find out about the client that invoked one of its methods. To get a pointer to IServerSecurity for the current call on the current thread, call CoGetCallContext, specifying IID_IServerSecurity. This interface pointer may only be used in the same apartment as the call for the duration of the call.
QuickInfo
Windows NT: Use version 4.0 or later.
Windows: Use Windows 95 or later. Available as a redistributable for Windows 95.
Windows CE: Unsupported.
Header: Declared in objidl.h.
See Also
CoGetCallContext, CoQueryClientBlanket