AuthzAccessCheckCallback callback function
The AuthzAccessCheckCallback function is an application-defined function that handles callback access control entries (ACEs) during an access check. AuthzAccessCheckCallback is a placeholder for the application-defined function name. The application registers this callback by calling AuthzInitializeResourceManager.
Syntax
BOOL CALLBACK AuthzAccessCheckCallback(
_In_ AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext,
_In_ PACE_HEADER pAce,
_In_opt_ PVOID pArgs,
_Inout_ PBOOL pbAceApplicable
);
Parameters
-
hAuthzClientContext [in]
-
A handle to a client context.
-
pAce [in]
-
A pointer to the ACE to evaluate for inclusion in the call to the AuthzAccessCheck function.
-
pArgs [in, optional]
-
Data passed in the DynamicGroupArgs parameter of the call to AuthzAccessCheck or AuthzCachedAccessCheck.
-
pbAceApplicable [in, out]
-
A pointer to a Boolean variable that receives the results of the evaluation of the logic defined by the application.
The results are TRUE if the logic determines that the ACE is applicable and will be included in the call to AuthzAccessCheck; otherwise, the results are FALSE.
Return value
If the function succeeds, the function returns TRUE.
If the function is unable to perform the evaluation, it returns FALSE. Use SetLastError to return an error to the access check function.
Remarks
Security attribute variables must be present in the client context if referred to in a conditional expression, otherwise the conditional expression term referencing them will evaluate to unknown.
For more information, see the How AccessCheck Works and Centralized Authorization Policy overviews.
Requirements
Requirement | Value |
---|---|
Minimum supported client |
Windows XP [desktop apps only] |
Minimum supported server |
Windows Server 2003 [desktop apps only] |
Redistributable |
Windows Server 2003 Administration Tools Pack on Windows XP |