3.17.4.1.87 AttachCurrentSecurityContext2 (Opnum 93)

The AttachCurrentSecurityContext2 method is received by the server in an RPC_REQUEST packet. In response, the server caches the relevant information required to sign a message on behalf of the client, including Message.SenderIdentifier and Message.SenderCertificate. This method is provided purely as an optimization to allow the client to reduce lookups of the security information about the calling client each time the message is sent. The represented Message.SenderIdentifier and Message.SenderCertificate property values MUST NOT be updated as a result of calling this method.

 HRESULT AttachCurrentSecurityContext2();

This method has no parameters.

Return Values: The method MUST return S_OK (0x00000000) on success or an implementation-specific error HRESULT on failure.

When processing this call, the server MUST follow these guidelines:

• Set the SenderIdentifierCache instance variable to the SID of the caller.<155>

• If the represented Message.SenderCertificate equals NULL:

  • Set the SenderCertificateCache instance variable to the Certificate ADM attribute of the InternalCertificate ([MS-MQDMPR] section 3.1.1.19) ADM element instance from the InternalCertificateCollection ADM attribute of the local QueueManager ADM element instance whose InternalCertificate.User ADM attribute matches the user identified by the SenderIdentifierCache instance variable.

• Else:

  • The server MAY impose additional requirements on the represented Message.SenderCertificate for authentication purposes.<156>

  • Set the SenderCertificateCache instance variable to the value of the represented Message.SenderCertificate.