Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

QueryContextAttributes (CredSSP) function

The QueryContextAttributes (CredSSP) function lets a transport application query the Credential Security Support Provider (CredSSP) security package for certain attributes of a security context.

Syntax


SECURITY_STATUS SEC_ENTRY QueryContextAttributes(
  _In_   PCtxtHandle phContext,
  _In_   ULONG ulAttribute,
  _Out_  void *pBuffer
);

Parameters

phContext [in]

A handle to the security context to be queried.

ulAttribute [in]

The attribute of the context to be returned. This parameter can be one of the following values. Unless otherwise specified, the attributes are applicable to both client and server.

ValueMeaning
SECPKG_ATTR_C_ACCESS_TOKEN
0x80000012

The pBuffer parameter contains a pointer to a SecPkgContext_AccessToken structure that specifies the access token for the current security context.

This attribute is supported only on the server.

SECPKG_ATTR_C_FULL_ACCESS_TOKEN
0x80000082

The pBuffer parameter contains a pointer to a SecPkgContext_AccessToken structure that specifies the access token for the current security context.

This attribute is supported only on the server.

SECPKG_ATTR_CERT_TRUST_STATUS
0x80000084

The pBuffer parameter contains a pointer to a CERT_TRUST_STATUS structure that specifies trust information about the certificate.

This attribute is supported only on the client.

SECPKG_ATTR_CREDS
0x80000080

The pBuffer parameter contains a pointer to a SecPkgContext_ClientCreds structure that specifies client credentials.

The client credentials can be either user name and password or user name and smart card PIN.

This attribute is supported only on the server.

SECPKG_ATTR_CREDS_2
0x80000086

The pBuffer parameter contains a pointer to a SecPkgContext_ClientCreds structure that specifies client credentials.

If the client credential is user name and password, the buffer is a packed KERB_INTERACTIVE_LOGON structure.

If the client credential is user name and smart card PIN, the buffer is a packed KERB_CERTIFICATE_LOGON structure.

If the client credential is an online identity credential, the buffer is a marshaled SEC_WINNT_AUTH_IDENTITY_EX2 structure.

This attribute is supported only on the CredSSP server.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP:  This value is not supported.

SECPKG_ATTR_NEGOTIATION_PACKAGE
0x80000081

The pBuffer parameter contains a pointer to a SecPkgContext_PackageInfo structure that specifies the name of the authentication package negotiated by the Microsoft Negotiate provider.

SECPKG_ATTR_PACKAGE_INFO
10

The pBuffer parameter contains a pointer to a SecPkgContext_PackageInfo structure.

Returns information on the SSP in use.

SECPKG_ATTR_SERVER_AUTH_FLAGS
0x80000083

The pBuffer parameter contains a pointer to a SecPkgContext_Flags structure that specifies information about the flags in the current security context.

This attribute is supported only on the client.

SECPKG_ATTR_SIZES
0x0

The pBuffer parameter contains a pointer to a SecPkgContext_Sizes structure.

Queries the sizes of the structures used in the per-message functions and authentication exchanges.

SECPKG_ATTR_SUBJECT_SECURITY_ATTRIBUTES
124

The pBuffer parameter contains a pointer to a SecPkgContext_SubjectAttributes structure.

This value returns information about the security attributes for the connection.

This value is supported only on the CredSSP server.

Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP:  This value is not supported.

 

pBuffer [out]

A pointer to a structure that receives the attributes. The structure type depends on the value of the ulAttribute parameter.

Return value

If the function succeeds, it returns SEC_E_OK.

If the function fails, it can return the following error codes.

Return code/valueDescription
SEC_E_INVALID_HANDLE
0x80100003

The function failed. The phContext parameter specifies a handle to an incomplete context.

SEC_E_UNSUPPORTED_FUNCTION
0x80090302

The function failed. The value of the ulAttribute parameter is not valid.

 

Remarks

The structure pointed to by the pBuffer parameter varies depending on the attribute being queried.

While the caller must allocate the pBuffer structure itself, the SSP allocates any memory required to hold variable-sized members of the pBuffer structure. Memory allocated by the SSP must be freed by calling the FreeContextBuffer function.

Requirements

Minimum supported client

Windows Vista [desktop apps only]

Minimum supported server

Windows Server 2008 [desktop apps only]

Header

Sspi.h (include Security.h)

Library

Secur32.lib

DLL

Secur32.dll

Unicode and ANSI names

QueryContextAttributesW (Unicode) and QueryContextAttributesA (ANSI)

See also

SSPI Functions
CERT_CONTEXT
FreeContextBuffer
SecPkgContext_ClientCreds
SecPkgContext_Sizes

 

 

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.