COAUTHINFO structure (wtypesbase.h)
Contains the authentication settings used while making a remote activation request from the client computer to the server computer.
Syntax
typedef struct _COAUTHINFO {
DWORD dwAuthnSvc;
DWORD dwAuthzSvc;
LPWSTR pwszServerPrincName;
DWORD dwAuthnLevel;
DWORD dwImpersonationLevel;
COAUTHIDENTITY *pAuthIdentityData;
DWORD dwCapabilities;
} COAUTHINFO;
Members
dwAuthnSvc
The authentication service to be used. For a list of values, see Authentication Service Constants. Use RPC_C_AUTHN_NONE if no authentication is required. RPC_C_AUTHN_WINNT is the default and RPC_C_AUTHN_GSS_KERBEROS is also supported.
dwAuthzSvc
The authorization service to be used. For a list of values, see Authorization Constants. To use the NT authentication service, specify RPC_C_AUTHZ_NONE.
pwszServerPrincName
The server principal name to use with the authentication service. If you are using RPC_C_AUTHN_WINNT, the principal name must be NULL.
dwAuthnLevel
The authentication level to be used. For a list of values, see Authentication Level Constants.
As of Windows Server 2003, remote activations use the default authentication level specified in the CoInitializeSecurity dwAuthnLevel parameter. In previous versions of Windows, RPC_C_AUTHN_LEVEL_CONNECT was always used for the security level unless another level was explicitly specified.
dwImpersonationLevel
The impersonation level to be used. For a list of values, see Impersonation Level Constants. This value must be RPC_C_IMP_LEVEL_IMPERSONATE or above.
pAuthIdentityData
A pointer to a COAUTHIDENTITY structure that establishes a nondefault client identity. If this parameter is NULL, the actual identity of the client is used. Values of structure members are authentication-service specific. This value must be NULL if dwAuthnSvc does not specify either the NTLMSSP or Kerberos network authentication protocol is used as the authorization service.
dwCapabilities
Indicates additional capabilities of this proxy. Currently, this member must be EOAC_NONE (0x0) or RPC_C_QOS_CAPABILITIES_MUTUAL_AUTH (0x1). Use RPC_C_QOS_CAPABILITIES_MUTUAL_AUTH if Kerberos is required.
Remarks
If pAuthInfo in COSERVERINFO is set to NULL, Snego will be used to negotiate an authentication service that will work between the client and server. However, a non-NULLCOAUTHINFO structure can be specified for pAuthInfo to meet any one of the following needs:
- To specify a different client identity for computer remote activations. The specified identity will be used for the launch permission check on the server rather than the real client identity.
- To specify that Kerberos, rather than NTLMSSP, is used for machine remote activation. A nondefault client identity may or may not be specified.
- To request unsecure activation.
- To specify a proprietary authentication service.
If you set dwAuthzSvc, pwszServerPrincName, dwImpersonationLevel, or dwCapabilities to incorrect values and call either CoGetClassObject or CoCreateInstanceEx, these functions do not return E_INVALIDARG or a similar error. Default values are used instead of the incorrect values.
Requirements
Requirement | Value |
---|---|
Minimum supported client | Windows 2000 Professional [desktop apps | UWP apps] |
Minimum supported server | Windows 2000 Server [desktop apps | UWP apps] |
Header | wtypesbase.h (include WTypes.h) |