LSA_AP_CALL_PACKAGE callback function (ntsecpkg.h)
Called by the Local Security Authority (LSA) when a logon application with a trusted connection to the LSA calls the LsaCallAuthenticationPackage function and specifies the authentication package's identifier.
LsaApCallPackage is called for logon applications only; calls from applications that do not have the SeTcbPrivilege privilege are routed to the specified authentication package's LsaApCallPackageUntrusted function instead.
Syntax
LSA_AP_CALL_PACKAGE LsaApCallPackage;
NTSTATUS LsaApCallPackage(
[in] PLSA_CLIENT_REQUEST ClientRequest,
[in] PVOID ProtocolSubmitBuffer,
[in] PVOID ClientBufferBase,
[in] ULONG SubmitBufferLength,
[out] PVOID *ProtocolReturnBuffer,
[out] PULONG ReturnBufferLength,
[out] PNTSTATUS ProtocolStatus
)
{...}
Parameters
[in] ClientRequest
Pointer to an opaque LSA_CLIENT_REQUEST buffer representing the LSA client's request.
[in] ProtocolSubmitBuffer
Supplies a protocol message specific to the authentication package.
[in] ClientBufferBase
Provides the address within the client process of the protocol message. This may be necessary to remap any pointers within the ProtocolSubmitBuffer buffer.
[in] SubmitBufferLength
Specifies the length of the ProtocolSubmitBuffer buffer, in bytes.
[out] ProtocolReturnBuffer
Returns the address of the output buffer within the client process. The authentication package is responsible for calling the AllocateClientBuffer function to allocate the buffer within the client process. The contents of this buffer are specific to the authentication package.
[out] ReturnBufferLength
Pointer to a ULONG that returns the length of the ProtocolReturnBuffer buffer, in bytes.
[out] ProtocolStatus
Pointer to an NTSTATUS value. If the function returns STATUS_SUCCESS, ProtocolStatus returns a completion status set by the authentication package. ProtocolStatus values are specific to the authentication package.
More information about NTSTATUS codes can be found in the Subauth.h file shipped with the Platform SDK.
Return value
If the function succeeds, return STATUS_SUCCESS. This return value indicates that the authentication package attempted to provide the requested service. Use the ProtocolStatus parameter to return the completion status of the service request.
If the authentication package could not process the request and therefore did not attempt to provide the requested service, return an NTSTATUS code indicating the problem. This code can be the following value or one of the LSA Policy Function Return Values.
| Return code | Description |
|---|---|
|
The client's memory quota is insufficient to allocate the output buffer. |
Remarks
This function must be implemented by authentication packages.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows XP [desktop apps only] |
| Minimum supported server | Windows Server 2003 [desktop apps only] |
| Target Platform | Windows |
| Header | ntsecpkg.h |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for