PreviousNext

Authentication

When a client establishes authenticated RPC, it must indicate the authentication service that it wants to use. The possible values are the following:

rpc_c_authn_none
No authentication

rpc_c_authn_dce_secret
DCE shared-secret key authentication

rpc_c_authn_dce_public
DCE public key authentication

rpc_c_authn_default
DCE default authentication service

The value rpc_c_authn_none is used to turn off authentication already established for a binding handle. The default authentication is DCE shared-secret (also known as private key) authentication.

Before a client and server can engage in authenticated RPC, they must "agree'' on which authentication service to use. Specifically, the server must register the "agreed on'' authentication service with the RPC runtime, along with the server's principal name. For its part, the client must select the same service for the server's binding handle. The client indicates the appropriate server by supplying the server's principal name. If the client does not know the server's name, it can use the rpc_mgmt_inq_server_princ_name( ) routine to determine the name.

More:

Cross-Cell Authentication

Protection Levels