IServerSecurity::QueryBlanket method (objidlbase.h)

Retrieves information about the client that invoked one of the server's methods.

Syntax

HRESULT QueryBlanket(
  [out]     DWORD   *pAuthnSvc,
  [out]     DWORD   *pAuthzSvc,
  [out]     OLECHAR **pServerPrincName,
  [out]     DWORD   *pAuthnLevel,
  [out]     DWORD   *pImpLevel,
  [out]     void    **pPrivs,
  [in, out] DWORD   *pCapabilities
);

Parameters

[out] pAuthnSvc

A pointer to the current authentication service. This will be a single value taken from the list of authentication service constants. If the caller specifies NULL, the current authentication service is not retrieved.

[out] pAuthzSvc

A pointer to a variable that receives the current authorization service. This will be a single value from the list of authorization constants. If the caller specifies NULL, the current authorization service is not retrieved.

[out] pServerPrincName

The current principal name. The string will be allocated by the callee using CoTaskMemAlloc, and must be freed by the caller using CoTaskMemFree. By default, Schannel principal names will be in the msstd form. The fullsic form will be returned if EOAC_MAKE_FULLSIC is specified in the pCapabilities parameter. For more information on the msstd and fullsic forms, see Principal Names. If the caller specifies NULL, the current principal name is not retrieved.

[out] pAuthnLevel

A pointer to a variable that receives the current authentication level. This will be a single value taken from the list of authentication level constants. If the caller specifies NULL, the current authentication level is not retrieved.

[out] pImpLevel

This parameter must be NULL.

[out] pPrivs

The privilege information for the client application. The format of the structure that the handle refers to depends on the authentication service. The application should not write or free the memory. The information is only valid for the duration of the current call. For NTLMSSP, and Kerberos, this is a SEC_WINNT_AUTH_IDENTITY or SEC_WINNT_AUTH_IDENTITY_EX structure. For Schannel, this is a CERT_CONTEXT structure that represents the client's certificate. If the client has no certificate, NULL is returned. If the caller specifies NULL, the current privilege information is not retrieved.

[in, out] pCapabilities

The capabilities of the call. To request that the principal name be returned in fullsic form if Schannel is the authentication service, the caller can set the EOAC_MAKE_FULLSIC flag in this parameter. If the caller specifies NULL, the current capabilities are not retrieved.

Return value

This method can return the standard return values E_INVALIDARG, E_OUTOFMEMORY, and S_OK.

Remarks

QueryBlanket is used by the server to find out about the client that invoked one of its methods. To get a pointer to IServerSecurity for the current call on the current thread, call CoGetCallContext, specifying IID_IServerSecurity. This interface pointer may only be used in the same apartment as the call for the duration of the call.

Requirements

Requirement Value
Minimum supported client Windows 2000 Professional [desktop apps only]
Minimum supported server Windows 2000 Server [desktop apps only]
Target Platform Windows
Header objidlbase.h (include ObjIdl.h)

See also

CoQueryClientBlanket

CoQueryProxyBlanket

IServerSecurity