|
Overview |
|
|
|
Group |
|
|
|
Quick Info
Windows NT
| Yes
| Win95
| No
| Win32s
| No
| Import Library
| advapi32.lib
| Header File
| winbase.h
| Unicode
| No
| Platform Notes
| None
|
|
|
OpenThreadToken
The
OpenThreadToken function opens the access token associated with a thread.
BOOL OpenThreadToken(
HANDLE ThreadHandle,
| // handle to thread
|
DWORD DesiredAccess,
| // access to process
|
BOOL OpenAsSelf,
| // flag for process or thread security
|
PHANDLE TokenHandle
| // pointer to handle to open access token
|
);
|
|
Parameters
ThreadHandle
Identifies the thread whose access token is opened.
DesiredAccess
Specifies an access mask that specifies the requested types of access to the
access token. These requested access types are reconciled against the token's
discretionary access-control list (ACL) to determine which accesses are granted
or denied. The following access rights have been defined for access tokens.
Value
| Meaning
|
TOKEN_ADJUST_DEFAULT
| Required to change the default ACL, primary group, or owner of an access token.
|
TOKEN_ADJUST_GROUPS
| Required to change the groups specified in an access token.
|
TOKEN_ADJUST_PRIVILEGES
| Required to change the privileges specified in an access token.
|
TOKEN_ALL_ACCESS
| Combines the STANDARD_RIGHTS_REQUIRED standard access rights and all
individual access rights for tokens.
|
TOKEN_ASSIGN_PRIMARY
| Required to attach a primary token to a process in addition to the
SE_CREATE_TOKEN_NAME privilege.
|
TOKEN_DUPLICATE
| Required to duplicate an access token.
|
TOKEN_EXECUTE
| Combines the STANDARD_RIGHTS_EXECUTE standard access rights and the
TOKEN_IMPERSONATE access right.
|
TOKEN_IMPERSONATE
| Required to attach an impersonation access token to a process.
|
TOKEN_QUERY
| Required to query the contents of an access token.
|
TOKEN_QUERY_SOURCE
| Required to query the source of an access token.
|
TOKEN_READ
| Combines the STANDARD_RIGHTS_READ standard access rights and the TOKEN_QUERY
access right.
|
TOKEN_WRITE
| Combines the STANDARD_RIGHTS_WRITE standard access rights and the
TOKEN_ADJUST_PRIVILEGES, TOKEN_ADJUST_GROUPS, and TOKEN_ADJUST_DEFAULT access rights.
|
OpenAsSelf
Specifies a flag indicating whether the access check is to be made against the
security context of the thread calling the
OpenThreadToken function or against the security context of the process for the calling
thread.
If this parameter is FALSE, the access check is performed using the security
context for the calling thread. If the thread is impersonating a client, this
security context can be that of a client process. If this parameter is TRUE, the
access check is made using the security context of the process for the calling
thread.
TokenHandle
Points to a handle identifying the newly opened access token when the function
returns.
Return Values
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To get extended error
information, call
GetLastError.
Remarks
The
OpenAsSelf parameter allows a server process to open the access token for a client
process when the client process has specified the SecurityIdentification
impersonation level for the
SECURITY_IMPERSONATION_LEVEL enumerated type. Without this parameter, the calling process is not be able
to open the client's access token using the client's security context, because
it is impossible to open executive-level objects using the
SecurityIdentification impersonation level.
See Also
AdjustTokenGroups,
AdjustTokenPrivileges,
GetTokenInformation,
OpenProcessToken,
SetThreadToken,
SetTokenInformation
- Software for developers
-
Delphi Components
.Net Components
Software for Android Developers
- More information resources
-
MegaDetailed.Net
Unix Manual Pages
Delphi Examples
- Databases for Amazon shops developers
-
Amazon Categories Database
Browse Nodes Database
