Using the Credential Cache

Media Foundation provides a default implementation of the IMFNetCredentialCache interface. An application that implements the IMFNetCredentialManager interface can use the default credential cache object to store the user's credentials.

To create the default credential cache object, call the MFCreateCredentialCache function.


HRESULT hr = S_OK;
IMFNetCredentialCache *pCredentialCache = NULL;
hr = MFCreateCredentialCache(&pCredentialCache);


After the credential cache is created, the application can use the following methods to get a credential object, set user credentials, and specify the caching options.

  • To get the credential object for a URL, call IMFNetCredentialCache::GetCredential.

    
    hr = pCredentialCache-> GetCredential(
            pszUrl,
            pszRealm,
            dwAuthenticationFlags,
            &pCredential,
            &dwRequirementsFlags);
    
    
    

    If the credentials for the specified URL do not exist in the credential cache, GetCredential creates a new credential object with empty user name and password values.

  • To set the user name and password on the credential object, call IMFNetCredential::SetUser and IMFNetCredential::SetPassword.
  • To set the caching options on the credential object, call IMFNetCredentialCache::SetUserOptions.

    
    hr = pCredentialCache-> SetUserOptions( 
            pCredentialCache,
            MFNET_CREDENTIAL_SAVE);
    
    
    

    The dwOptionsFlags parameter values are defined in the MFNetCredentialOptions enumeration. To save user credentials for a URL in a persistent storage, set the MFNET_CREDENTIAL_SAVE flag. If the SetUserOptions call completes successfully, then the subsequent call to GetCredential searches for the credentials in the persistent storage. If a match is found, this method returns a pointer to the credential object that contains the information.

    By default, user credentials sent over the network are encrypted. To change this to clear text, set the MFNET_CREDENTIAL_ALLOW_CLEAR_TEXT flag.

    To remove information from the registry, call GetCredential to get the credential object, and then call SetUserOption and set dwOptionsFlags to MFNET_CREDENTIAL_DONT_CACHE.

Related topics

Network Source Authentication

 

 

Show: