Win32:CredUIConfirmCredentials 行为异常
我将 CredUIConfirmCredentials 与 CredUIPromptForCredentials。
我设置了EXPECT_CONFIRMATION,当凭证首先由 用户对 CredUIConfirmCredentials 的调用按预期返回 NO_ERROR。
但是,在对 CredUIConfirmCredentials 的所有后续调用中,使用相同的 凭据,返回ERROR_INVALID_PARAMETER。这是由 SDK文档为:
尝试确认等待 凭证失败,因为 凭证包含无效或 数据不一致。
这相当令人困惑,因为它们与最初成功保存的凭据完全相同。
如果您为同一密码输入不同密码,则会返回相同的结果 用户名。更令人困惑的是,新的凭证是 实际上持续存在 - 这似乎表明返回值是 实际上表明持久的凭据被覆盖 - 不是 出现错误。我是否遗漏了什么,或者是文档 不正确?
背景
您可以使用 Window 的凭据系统来存储您自己的应用程序的凭据。您告诉 Windows 您想要提示输入某些“目标”的“通用”凭据:
伪代码:
CredUIPromptForCredentials("My Application", ref username, ref password);
然后将导致 Windows 显示一个对话框:
然后您的工作就是检查用户输入的凭据。如果它们有效,您可以通过调用 ConfirmCredentials 告诉 Windows。这是为了确保仅保存有效的凭据:
CredUIConfirmCredentials("My Application", true);
一旦确认凭据有效,Windows 会将它们保存在安全存储中,您可以通过控制面板查看:
关键词:credui、CredUIConfirmCredentials
I'm using CredUIConfirmCredentials in combination with
CredUIPromptForCredentials.
I set the EXPECT_CONFIRMATION, and when the credentials are first provided by
the user the call to CredUIConfirmCredentials returns NO_ERROR as expected.
However, on all subsequent calls to CredUIConfirmCredentials, with the same
credentials, ERROR_INVALID_PARAMETER is returned. This is described by the
SDK docs as:
An attempt to confirm a waiting
credential failed because the
credential contained invalid or
inconsistent data.
which is rather confusing as they are exactly the same credentials that were successfully saved originally.
The same result is returned if you enter a different password for the same
username. What is even more confusing is that the new credentials are
actually persisted - which seems to indicate that the return value is
actually indicating that the persisted credentials were overwritten - not
that there was a error. Am I missing something, or is the documentation
incorrect?
Background
You can use Window's credential system to store credentials for your own application. You tell Windows you want to prompt for "generic" credentials for some "target":
pseudo-code:
CredUIPromptForCredentials("My Application", ref username, ref password);
will then cause Windows to display a dialog box:
It is then your job to check the credentials the user has entered. If they are valid, you tell Windows this by calling ConfirmCredentials. This is to ensure that only valid credentials are saved:
CredUIConfirmCredentials("My Application", true);
Once the credentials have been confirmed as valid, Windows will save them in the secure store, which you can see through the Control Panel:
Keywords: credui, CredUIConfirmCredentials
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我找到了答案:根据设计
,
CredUIConfirmCredentials将返回错误“当无事可做时”。这意味着:记住我的密码复选框,CREDUI_FLAGS_EXPECT_CONFIRMATION标志事实上,当凭据与 MSDN 上记录的存储中已有的凭据相同时,
CredUIConfirmCredentials会失败。 (我知道它已记录,因为我添加到 文档页面。)i found the answer: by design
CredUIConfirmCredentialswill return an error "when there's nothing to do". This means:Rembember my passwordcheck boxCREDUI_FLAGS_EXPECT_CONFIRMATIONflagThe fact that
CredUIConfirmCredentialsfails when the credentials are the same as what's already in the store documented on MSDN. (i know it's documented because i added to the documentation page.)