IClientSecurity::QueryBlanket method (objidl.h)
Retrieves authentication information the client uses to make calls on the specified proxy.
HRESULT QueryBlanket(
[in] IUnknown *pProxy,
[out] DWORD *pAuthnSvc,
[out] DWORD *pAuthzSvc,
[out] OLECHAR **pServerPrincName,
[out] DWORD *pAuthnLevel,
[out] DWORD *pImpLevel,
[out] void **pAuthInfo,
[out] DWORD *pCapabilites
);
[in] pProxy
A pointer to the proxy. This parameter cannot be NULL. For more information, see the Remarks section.
[out] pAuthnSvc
The current authentication service. This will be a single value taken from the list of authentication service constants. This parameter cannot be NULL.
[out] pAuthzSvc
The current authorization service. This will be a single value taken from the list of authorization constants. This parameter cannot be NULL.
[out] pServerPrincName
The current principal name. The string will be allocated by the callee using the CoTaskMemAlloc function and must be freed by the caller using the CoTaskMemFree function. Note that the actual principal name is returned. The EOAC_MAKE_FULLSIC flag is not accepted to convert the prinicpal name. If the caller specifies NULL, the current principal name is not retrieved.
[out] pAuthnLevel
The current authentication level. This will be a single value taken from the list of authentication level constants. If this parameter is NULL, the current authentication level is not retrieved.
[out] pImpLevel
The current impersonation level. This will be a single value taken from the list of impersonation level constants. If this parameter is NULL, the current impersonation level is not retrieved.
[out] pAuthInfo
A pointer to a handle indicating the identity of the client that was passed to the last IClientSecurity::SetBlanket call (or the default value). Default values are only valid until the proxy is released. If the caller specifies NULL, the client identity is not retrieved.
The format of the structure that the returned handle refers to depends on the authentication service. For NTLMSSP and Kerberos, if the client specified a structure in the pAuthInfo parameter to CoInitializeSecurity, that value is returned. For Schannel, if a certificate for the client could be retrieved from the certificate manager, that value is returned here. Otherwise, NULL is returned. Because this points to the value itself and is not a copy, it should not be manipulated or freed.
[out] pCapabilites
The capabilities of the proxy. These flags are defined in the EOLE_AUTHENTICATION_CAPABILITIES enumeration. If this parameter is NULL, the current capability flags are not retrieved.
This method can return the following values.
Return code | Description |
---|---|
|
The method completed successfully. |
|
One or more arguments are not valid. |
|
There is insufficient memory to create the pServerPrincName buffer. |
QueryBlanket is called by the client to retrieve the authentication information COM will use on calls made from the specified interface proxy. With a pointer to an interface on the proxy, the client would first call QueryInterface for a pointer to IClientSecurity; then, with this pointer, the client would call QueryBlanket, followed by releasing the pointer. This sequence of calls is encapsulated in the helper function CoQueryProxyBlanket.
In pProxy, you pass an interface pointer. However, you cannot pass a pointer to an interface that does not use a proxy. Thus you cannot pass a pointer to an interface that has the local keyword in its interface definition since no proxy is created for such an interface. IUnknown is the exception to this rule.
Requirement | Value |
---|---|
Minimum supported client | Windows 2000 Professional [desktop apps | UWP apps] |
Minimum supported server | Windows 2000 Server [desktop apps | UWP apps] |
Target Platform | Windows |
Header | objidl.h (include ObjIdl.h) |