Platform SDK: Logon Authentication |
SSPI credential management functions provide a credentials handle, a reference to an opaque security object, for accessing a principal. The security object is opaque because the application has access only to the handle and not to the actual contents of the structure.
All references to the contents of a credential context are through the object's handle and the security package de-references the handle to access the specifics of credentials. A credential handle is a 64-bit value between {0x00000000, 0x0000000} and {0xFFFFFFFF, 0xFFFFFFFE}.
Applications use the credentials handle with context management functions to create a security context.
Credential management functions also release credential handles and query the attributes of credentials. At present, the name associated with a credential is the only attribute that can be queried.
The following functions are used with credentials management.
Function | Description |
---|---|
AcquireCredentialsHandle | Acquires a handle to the pre-existing credentials of a specified principal. |
ExportSecurityContext | Exports a security context into a context buffer. |
FreeCredentialsHandle | Releases a credential handle and associated resources. |
ImportSecurityContext | Imports a security context exported by using ExportSecurityContext into the current process. |
QueryCredentialsAttributes | Queries a credential handle for the name associated with the credential. |