RPC_C_AUTHZ_xxx

[This is preliminary documentation and subject to change.]

These values define what the server authorizes, and they are used by methods of the IClientSecurity interface. Along with the RPC_C_AUTHN_xxx values, these values are assigned to the SOLE_AUTHENTICATION_SERVICE structure, which is retrieved by the CoQueryAuthenticationServices function. The RPC_C_AUTHZ_xxx values are also assigned to members of the SOLE_AUTHENTICATION_INFO structure, which in turn is a member of the SOLE_AUTHENTICATION_LIST structure. This structure, which is a list of authentication services, the authorization services they perform, and the authentication information for each service, is passed to the CoInitializeSecurity function and the IClientSecurity::SetBlanket method.

Values

RPC_C_AUTHZ_NONE

Server performs no authorization. Currently RPC_C_AUTHN_WINNT, RPC_C_AUTHN_GSS_SCHANNEL, and RPC_C_AUTHN_GSS_KERBEROS all use only RPC_C_AUTHZ_NONE.

RPC_C_AUTHZ_NAME

Server performs authorization based on the client's principal name.

RPC_C_AUTHZ_DCE

Server performs authorization checking using the client's DCE privilege attribute certificate (PAC) information, which is sent to the server with each remote procedure call made using the binding handle. Generally, access is checked against DCE access control lists (ACLs).

RPC_C_AUTHZ_DEFAULT

Tells DCOM to choose the authorization service using its normal security blanket negotiation algorithm. This value can be used with Windows NT 5.0 and later versions. For more information, see Security Blanket Negotiation.

QuickInfo

  Windows NT: Use version 3.1 and later.
  Windows: Use Windows 95 and later.
  Windows CE: Unsupported.
  Header: Declared in rpcdce.h.

See Also

SOLE_AUTHENTICATION_SERVICE