RpcBindingSetAuthInfo function (rpcdce.h)

The RpcBindingSetAuthInfo function sets a binding handle's authentication and authorization information.

Syntax

RPC_STATUS RpcBindingSetAuthInfo(
  RPC_BINDING_HANDLE       Binding,
  RPC_CSTR                 ServerPrincName,
  unsigned long            AuthnLevel,
  unsigned long            AuthnSvc,
  RPC_AUTH_IDENTITY_HANDLE AuthIdentity,
  unsigned long            AuthzSvc
);

Parameters

Binding

Server binding handle to which authentication and authorization information is to be applied.

ServerPrincName

Pointer to the expected principal name of the server referenced by Binding. The content of the name and its syntax are defined by the authentication service in use.

Note  For the set of allowable target names for SSPs, please refer to the comments in the InitializeSecurityContext documentation.
 

AuthnLevel

Level of authentication to be performed on remote procedure calls made using Binding. For a list of the RPC-supported authentication levels, see the list of Authentication-Level Constants.

AuthnSvc

Authentication service to use. See Note.

Specify RPC_C_AUTHN_NONE to turn off authentication for remote procedure calls made using Binding.

If RPC_C_AUTHN_DEFAULT is specified, the RPC run-time library uses the RPC_C_AUTHN_WINNT authentication service for remote procedure calls made using Binding.

AuthIdentity

Handle to the structure containing the client's authentication and authorization credentials appropriate for the selected authentication and authorization service.When using the RPC_C_AUTHN_WINNT authentication service AuthIdentity should be a pointer to a SEC_WINNT_AUTH_IDENTITY structure (defined in Rpcdce.h). Kerberos and Negotiate authentication services also use the SEC_WINNT_AUTH_IDENTITY structure.

When you select the RPC_C_AUTHN_GSS_SCHANNEL authentication service, the AuthIdentity parameter should be a pointer to an SCHANNEL_CRED structure (defined in Schannel.h). Specify a null value to use the security login context for the current address space. Pass the value RPC_C_NO_CREDENTIALS to use an anonymous log-in context.

Note  When selecting the RPC_C_AUTHN_GSS_SCHANNEL authentication service, the AuthIdentity parameter may also be a pointer to a SCH_CRED structure. However, in Windows XP and later releases of Windows, the only acceptable structure to be passed as the AuthIdentity parameter for the RPC_C_AUTHN_GSS_SCHANNEL authentication service is the SCHANNEL_CRED structure.
 

AuthzSvc

Authorization service implemented by the server for the interface of interest. See Note.

The validity and trustworthiness of authorization data, like any application data, depends on the authentication service and authentication level selected. This parameter is ignored when using the RPC_C_AUTHN_WINNT authentication service.

Note  For more information, see Authentication-Service Constants.
 

Return value

Value Meaning
RPC_S_OK
The call succeeded.
RPC_S_INVALID_BINDING
The binding handle was invalid.
RPC_S_WRONG_KIND_OF_BINDING
This was the wrong kind of binding for the operation.
RPC_S_UNKNOWN_AUTHN_SERVICE
Unknown authentication service.
 
Note  For a list of valid error codes, see RPC Return Values.
 

Remarks

A client application calls the RpcBindingSetAuthInfo function to set up a server binding handle for making authenticated remote procedure calls. A client is not required to call this function.

Unless a client calls RpcBindingSetAuthInfo, no remote procedure calls on the Binding binding handle are authenticated. A server can call RpcBindingInqAuthClient from within a remote procedure call to determine whether that call has been authenticated.

The RpcBindingSetAuthInfo function takes a snapshot of the credentials. Therefore, the memory dedicated to the AuthIdentity parameter can be freed before the binding handle.

Due to varying requirements of different versions of Microsoft RPC, Microsoft recommends that your application maintain a pointer to the AuthIdentity parameter for as long as the binding handle exists. Doing so increases the application's portability.

Windows Server 2003 with SP1 and Windows XP with SP2:  For Windows XP SP2 and Windows Server 2003 SP1, the pointer to the AuthIdentity parameter need not be maintained for the life of the binding handle. This pointer must only be maintained if subsequent calls to RpcBindingInqAuthInfo or RpcBindingInqAuthInfoEx are made.

Note  The RpcBindingSetAuthInfo function must not be called on a binding handle while an RPC call on the same handle is in progress. Doing so produces undefined results.
 

Requirements

Requirement Value
Minimum supported client Windows 2000 Professional [desktop apps | UWP apps]
Minimum supported server Windows 2000 Server [desktop apps | UWP apps]
Target Platform Windows
Header rpcdce.h (include Rpc.h)
Library Rpcrt4.lib
DLL Rpcrt4.dll

See also

MSMQ Security Services

RpcBindingInqAuthInfo

RpcBindingSetOption

RpcServerRegisterAuthInfo