3.3.3.4.3.2 Abstract Interface RpcImpersonateClient

A server thread that is processing a client remote procedure call can call the RpcImpersonateClient abstract interface to impersonate the active client.

 void RpcImpersonateClient(RPC_BINDING_HANDLE BindingHandle);
  

Binding handle on the server that represents a binding to a client. The server impersonates the client indicated by this handle. 

If a NULL binding handle argument is provided then the Security Context of the client making the RPC call is obtained as if by calling pthread_getspecific using CURRENT_CALL_OBJECT_REF_KEY (see section 3.3.3.7.2) as a thread specific data key to retrieve a pointer or handle to the Server Call object.

The Server Call object contains a Security Context Handle. The Security Context Handle identifies the required Token representative of the active client. The Token is retrieved from the security context using the implementation-specific equivalent of the GSS_Inquire_context as specified in [RFC2743] section 2.2.6.<122>

After the token is retrieved it is used by the underlying security infrastructure for access checks on secured objects until either another call to RpcImpersonateClient is made or RpcRevertToSelf is called. This is the equivalent to supplying the retrieved token as the Token parameter to the Access Check Algorithm defined in [MS-DTYP] section 2.5.3.2 whenever access checks for a secured object are performed.