QueryContextAttributesW function (sspi.h)
The QueryContextAttributes (CredSSP) function lets a transport application query the Credential Security Support Provider (CredSSP) security package for certain attributes of a security context.
Syntax
KSECDDDECLSPEC SECURITY_STATUS SEC_ENTRY QueryContextAttributesW(
[in] PCtxtHandle phContext,
[in] unsigned long ulAttribute,
[out] void *pBuffer
);
Parameters
[in] phContext
A handle to the security context to be queried.
[in] ulAttribute
The attribute of the context to be returned. This parameter can be one of the following values. Unless otherwise specified, the attributes are applicable to both client and server.
Value | Meaning |
---|---|
|
The pBuffer parameter contains a pointer to a SecPkgContext_AccessToken structure that specifies the access token for the current security context.
This attribute is supported only on the server. |
|
The pBuffer parameter contains a pointer to a SecPkgContext_AccessToken structure that specifies the access token for the current security context.
This attribute is supported only on the server. |
|
The pBuffer parameter contains a pointer to a CERT_TRUST_STATUS structure that specifies trust information about the certificate.
This attribute is supported only on the client. |
|
The pBuffer parameter contains a pointer to a SecPkgContext_ClientCreds structure that specifies client credentials.
The client credentials can be either user name and password or user name and smart card PIN. This attribute is supported only on the server. |
|
The pBuffer parameter contains a pointer to a SecPkgContext_ClientCreds structure that specifies client credentials.
If the client credential is user name and password, the buffer is a packed KERB_INTERACTIVE_LOGON structure. If the client credential is user name and smart card PIN, the buffer is a packed KERB_CERTIFICATE_LOGON structure. If the client credential is an online identity credential, the buffer is a marshaled SEC_WINNT_AUTH_IDENTITY_EX2 structure. This attribute is supported only on the CredSSP server. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not supported. |
|
The pBuffer parameter contains a pointer to a SecPkgContext_PackageInfo structure that specifies the name of the authentication package negotiated by the Microsoft Negotiate provider. |
|
The pBuffer parameter contains a pointer to a SecPkgContext_PackageInfo structure.
Returns information on the SSP in use. |
|
The pBuffer parameter contains a pointer to a SecPkgContext_Flags structure that specifies information about the flags in the current security context.
This attribute is supported only on the client. |
|
The pBuffer parameter contains a pointer to a SecPkgContext_Sizes structure.
Queries the sizes of the structures used in the per-message functions and authentication exchanges. |
|
The pBuffer parameter contains a pointer to a SecPkgContext_SubjectAttributes structure.
This value returns information about the security attributes for the connection. This value is supported only on the CredSSP server. Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not supported. |
[out] pBuffer
A pointer to a structure that receives the attributes. The structure type depends on the value of the ulAttribute parameter.
Return value
If the function succeeds, it returns SEC_E_OK.
If the function fails, it can return the following error codes.
Return code/value | Description |
---|---|
|
The function failed. The phContext parameter specifies a handle to an incomplete context. |
|
The function failed. The value of the ulAttribute parameter is not valid. |
Remarks
The structure pointed to by the pBuffer parameter varies depending on the attribute being queried.
While the caller must allocate the pBuffer structure itself, the SSP allocates any memory required to hold variable-sized members of the pBuffer structure. Memory allocated by the SSP must be freed by calling the FreeContextBuffer function.
Note
The sspi.h header defines QueryContextAttributes as an alias which automatically selects the ANSI or Unicode version of this function based on the definition of the UNICODE preprocessor constant. Mixing usage of the encoding-neutral alias with code that not encoding-neutral can lead to mismatches that result in compilation or runtime errors. For more information, see Conventions for Function Prototypes.
Requirements
Requirement | Value |
---|---|
Minimum supported client | Windows Vista [desktop apps only] |
Minimum supported server | Windows Server 2008 [desktop apps only] |
Target Platform | Windows |
Header | sspi.h (include Security.h) |
Library | Secur32.lib |
DLL | Secur32.dll |