Querying a Client Context
Applications can call the AuthzGetInformationFromContext function to query information about an existing client context.
The InfoClass parameter of the AuthzGetInformationFromContext function takes a value from the AUTHZ_CONTEXT_INFORMATION_CLASS enumeration that specifies what type of information the function queries.
Security attribute variables must be present in the client context if referred to in a conditional expression; otherwise, the conditional expression term referencing them will be evaluated as unknown. For more information on conditional expressions, see the Security Descriptor Definition Language for Conditional ACEs topic.
Example
The following example queries the client context created in the example from Initializing a Client Context to retrieve the list of SIDs of groups associated with that client context.
BOOL GetGroupsFromContext(AUTHZ_CLIENT_CONTEXT_HANDLE hClientContext)
{
DWORD cbSize = 0;
PTOKEN_GROUPS pTokenGroups=NULL;
LPTSTR StringSid = NULL;
BOOL bResult = FALSE;
int i = 0;
//Call the AuthzGetInformationFromContext function with a NULL output buffer to get the required buffer size.
AuthzGetInformationFromContext(hClientContext, AuthzContextInfoGroupsSids, 0, &cbSize, NULL);
//Allocate the buffer for the TOKEN_GROUPS structure.
pTokenGroups = (PTOKEN_GROUPS)malloc(cbSize);
if (!pTokenGroups)
return FALSE;
//Get the SIDs of groups associated with the client context.
if(!AuthzGetInformationFromContext(hClientContext, AuthzContextInfoGroupsSids, cbSize, &cbSize, pTokenGroups))
{
printf_s("AuthzGetInformationFromContext failed with %d\n", GetLastError);
free(pTokenGroups);
return FALSE;
}
//Enumerate and display the group SIDs.
for (i=pTokenGroups->GroupCount-1; i >= 0; --i)
{
//Convert a SID to a string.
if(!ConvertSidToStringSid(
pTokenGroups->Groups[i].Sid,
&StringSid
))
{
LocalFree(StringSid);
return FALSE;
}
wprintf_s(L"%s \n", StringSid);
}
free(pTokenGroups);
return TRUE;
}
Related topics