CoQueryClientBlanket function (combaseapi.h)
Called by the server to find out about the client that invoked the method executing on the current thread. This is a helper function for IServerSecurity::QueryBlanket.
Syntax
HRESULT CoQueryClientBlanket(
[out, optional] DWORD *pAuthnSvc,
[out, optional] DWORD *pAuthzSvc,
[out, optional] LPOLESTR *pServerPrincName,
[out, optional] DWORD *pAuthnLevel,
[out, optional] DWORD *pImpLevel,
[out, optional] RPC_AUTHZ_HANDLE *pPrivs,
[in, out, optional] DWORD *pCapabilities
);
Parameters
[out, optional] pAuthnSvc
A pointer to a variable that receives the current authentication service. This will be a single value taken from the authentication service constants. If the caller specifies NULL, the current authentication service is not retrieved.
[out, optional] pAuthzSvc
A pointer to a variable that receives the current authorization service. This will be a single value taken from the authorization constants. If the caller specifies NULL, the current authorization service is not retrieved.
[out, optional] pServerPrincName
The current principal name. The string will be allocated by the callee using CoTaskMemAlloc, and must be freed by the caller using CoTaskMemFree. By default, Schannel principal names will be in the msstd form. The fullsic form will be returned if EOAC_MAKE_FULLSIC is specified in the pCapabilities parameter. For more information about the msstd and fullsic forms, see Principal Names. If the caller specifies NULL, the current principal name is not retrieved.
[out, optional] pAuthnLevel
A pointer to a variable that receives the current authentication level. This will be a single value taken from the authentication level constants. If the caller specifies NULL, the current authentication level is not retrieved.
[out, optional] pImpLevel
This parameter must be NULL.
[out, optional] pPrivs
A pointer to a handle that receives the privilege information for the client application. The format of the structure that the handle refers to depends on the authentication service. The application should not write or free the memory. The information is valid only for the duration of the current call. For NTLMSSP and Kerberos, this is a string identifying the client principal. For Schannel, this is a CERT_CONTEXT structure that represents the client's certificate. If the client has no certificate, NULL is returned. If the caller specifies NULL, the current privilege information is not retrieved. See RPC_AUTHZ_HANDLE.
[in, out, optional] pCapabilities
A pointer to return flags indicating capabilities of the call. To request that the principal name be returned in fullsic form if Schannel is the authentication service, the caller can set the EOAC_MAKE_FULLSIC flag in this parameter. If the caller specifies NULL, the current capabilities are not retrieved.
Return value
This function can return the standard return values E_INVALIDARG, E_OUTOFMEMORY, and S_OK.
Remarks
CoQueryClientBlanket is called by the server to get security information about the client that invoked the method executing on the current thread. This function encapsulates the following sequence of common calls (error handling excluded):
CoGetCallContext(IID_IServerSecurity, (void**)&pss);
pss->QueryBlanket(pAuthnSvc, pAuthzSvc, pServerPrincName,
pAuthnLevel, pImpLevel, pPrivs, pCapabilities);
pss->Release();
This sequence calls CoGetCallContext to get a pointer to IServerSecurity and, with the resulting pointer, calls IServerSecurity::QueryBlanket and then releases the pointer.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows 2000 Professional [desktop apps only] |
| Minimum supported server | Windows 2000 Server [desktop apps only] |
| Target Platform | Windows |
| Header | combaseapi.h (include Objbase.h) |
| Library | Ole32.lib |
| DLL | Ole32.dll |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for