IClientSecurity::SetBlanket

HRESULT IClientSecurity::SetBlanket(pProxy, AuthnSvc, ServerPrincName, pAuthInfo, AuthnLevel, AuthzSvc);

This method sets the authentication information that will be used to make calls on the specified proxy. The values specified here override the values chosen by automatic security. Calling this method changes the security values for all other users of the specified proxy. Use IClientSecurity::CopyProxy to make a private copy.

By default the authentication service and principal name is set to a list of authentication service and principal name pairs that were registered on the server. When this method is called COM will forget the default list. By default COM will try one principal name from the list of authentication services available on both computers. It will not retry if that principal name fails.

If pAuthInfo is not set, it defaults to the logged-in ID. AuthnLevel and AuthzSvc default to the values specified to CoInitializeSecurity. If CoInitializeSecurity is not called, they default to RPC_C_AUTHN_LEVEL_NONE and RPC_C_AUTHZ_NONE.

Security information will often be ignored if set on local interfaces. For example, it is legal to set security on the IClientSecurity interface. However, since that interface is supported locally, there is no need for security. IUnknown and IMultiQuery are special cases. The local implementation makes remote calls to support these interfaces. The local implementation will use the security settings for those interfaces.

Argument

Type

Description

pProxy

void*

This parameter indicates the proxy to set.

AuthnSvc

DWORD

This parameter indicates the authentication service. It may be RPC_C_AUTHN_NONE if no authentication is required. It may be RPC_C_AUTHN_DONT_CHANGE if you do not want to change the current value.

ServerPrincName

WCHAR*

This parameter indicates the server principal name. It may be NULL if you don't want to change the current value.

pAuthInfo

RPC_AUTH_IDENTITY
_HANDLE*

This parameter sets the identity of the client. It is authentication-service specific. Some authentication services allow the application to pass in a different user name and password. COM keeps a pointer to the memory passed in until COM is uninitialized or a new value is set. If NULL is specified COM uses the current identity (whether the logged in or impersonated ID).

AuthnLevel

DWORD

This parameter specifies the authentication level. It may be RPC_C_AUTHN_LEVEL_DONT_CHANGE if you do not want to change the current value.

AuthzSvc

DWORD

This parameter specifies the authorization level. It may be RPC_C_AUTHZ_DONT_CHANGE if you do not want to change the current value.

Returns

S_OK

Success.

E_INVALIDARG

One or more arguments is invalid.