Authorization Constants

Defines what the server authorizes.

Constant/value Description
RPC_C_AUTHZ_NONE
0
The server performs no authorization. Currently, RPC_C_AUTHN_WINNT, RPC_C_AUTHN_GSS_SCHANNEL, and RPC_C_AUTHN_GSS_KERBEROS all use only RPC_C_AUTHZ_NONE.
RPC_C_AUTHZ_NAME
1
The server performs authorization based on the client's principal name.
RPC_C_AUTHZ_DCE
2
The server performs authorization checking using the client's DCE privilege attribute certificate (PAC) information, which is sent to the server with each remote procedure call made using the binding handle. Generally, access is checked against DCE access control lists (ACLs).
RPC_C_AUTHZ_DEFAULT
0xffffffff
DCOM can choose the authorization level using its normal security blanket negotiation algorithm. For more information, see Security Blanket Negotiation.

Remarks

These constants are used by methods of the IClientSecurity interface. They are used in the SOLE_AUTHENTICATION_SERVICE structure, which is retrieved by the CoQueryAuthenticationServices function. They are also used in the SOLE_AUTHENTICATION_INFO structure, which in turn is a member of the SOLE_AUTHENTICATION_LIST structure. This structure, which is a list of authentication services, the authorization services they perform, and the authentication information for each service, is passed to the CoInitializeSecurity function and the IClientSecurity::SetBlanket method.

Requirements

Requirement Value
Minimum supported client
Windows 2000 Professional [desktop apps only]
Minimum supported server
Windows 2000 Server [desktop apps only]
Header
RpcDce.h

See also

CoInitializeSecurity

CoQueryAuthenticationServices

IClientSecurity

SOLE_AUTHENTICATION_INFO

SOLE_AUTHENTICATION_SERVICE