Export (0) Print
Expand All

Authorization Constants

Defines what the server authorizes.

Constant/valueDescription
RPC_C_AUTHZ_NONE
0

The server performs no authorization. Currently, RPC_C_AUTHN_WINNT, RPC_C_AUTHN_GSS_SCHANNEL, and RPC_C_AUTHN_GSS_KERBEROS all use only RPC_C_AUTHZ_NONE.

RPC_C_AUTHZ_NAME
1

The server performs authorization based on the client's principal name.

RPC_C_AUTHZ_DCE
2

The server performs authorization checking using the client's DCE privilege attribute certificate (PAC) information, which is sent to the server with each remote procedure call made using the binding handle. Generally, access is checked against DCE access control lists (ACLs).

RPC_C_AUTHZ_DEFAULT
0xffffffff

DCOM can choose the authorization level using its normal security blanket negotiation algorithm. For more information, see Security Blanket Negotiation.

Remarks

These constants are used by methods of the IClientSecurity interface. They are used in the SOLE_AUTHENTICATION_SERVICE structure, which is retrieved by the CoQueryAuthenticationServices function. They are also used in the SOLE_AUTHENTICATION_INFO structure, which in turn is a member of the SOLE_AUTHENTICATION_LIST structure. This structure, which is a list of authentication services, the authorization services they perform, and the authentication information for each service, is passed to the CoInitializeSecurity function and the IClientSecurity::SetBlanket method.

Requirements

Minimum supported client

Windows 2000 Professional [desktop apps only]

Minimum supported server

Windows 2000 Server [desktop apps only]

Header

RpcDce.h

See also

CoInitializeSecurity
CoQueryAuthenticationServices
IClientSecurity
SOLE_AUTHENTICATION_INFO
SOLE_AUTHENTICATION_SERVICE

 

 

Community Additions

ADD
Show:
© 2014 Microsoft