Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The RPC protocol extensions specify the following values for the authentication levels.
|
Name |
Value |
Meaning |
|---|---|---|
|
RPC_C_AUTHN_LEVEL_DEFAULT |
0x00 |
Same as RPC_C_AUTHN_LEVEL_CONNECT |
|
RPC_C_AUTHN_LEVEL_NONE |
0x01 |
No authentication. |
|
RPC_C_AUTHN_LEVEL_CONNECT |
0x02 |
Authenticates the credentials of the client and server. |
|
RPC_C_AUTHN_LEVEL_CALL |
0x03 |
Same as RPC_C_AUTHN_LEVEL_PKT. |
|
RPC_C_AUTHN_LEVEL_PKT |
0x04 |
Same as RPC_C_AUTHN_LEVEL_CONNECT but also prevents replay attacks. |
|
RPC_C_AUTHN_LEVEL_PKT_INTEGRITY |
0x05 |
Same as RPC_C_AUTHN_LEVEL_PKT but also verifies that none of the data transferred between the client and server has been modified. |
|
RPC_C_AUTHN_LEVEL_PKT_PRIVACY |
0x06 |
Same as RPC_C_AUTHN_LEVEL_PKT_INTEGRITY but also ensures that the data transferred can only be seen unencrypted by the client and the server. |
If the higher-level application or protocol requests an authentication level that the implementation or security provider does not support, it MUST upgrade the request to the next highest supported level. RPC_C_AUTHN_LEVEL_PKT_PRIVACY MUST be supported.
On the client side, if the higher-level protocol requests RPC_C_AUTHN_LEVEL_CALL, the implementation MUST upgrade it to RPC_C_AUTHN_LEVEL_PKT. Similarly, on the server side, if the auth_level field of the sec_trailer structure as specified in sections 2.2.2.11 and 2.2.3.4 is RPC_C_AUTHN_LEVEL_CALL, the implementation MUST process it in the same manner as a packet with auth_level RPC_C_AUTHN_LEVEL_PKT.
Also, on the client side, if the higher-level protocol requests RPC_C_AUTHN_LEVEL_DEFAULT, the implementation MUST use RPC_C_AUTHN_LEVEL_CONNECT instead.