Is it possible to copy proxy protective blanket from one object to another?

I am trying to write a C ++ wrapper for a COM server out of process (on another computer). I hope to hide all the hideous COM compatibility from users of this class.

The security requirements force me to call CoSetSecurityBlanket on the server proxy. I.e:

CoCreateInstance(CLSID_OutOfProcServer, &proxy);
CoSetProxyBlanket(proxy);

      

        
        
        
      

    

(I have a lot of parameters left). Also, I have to provide credentials in this call, as the server requires a local account.

Now here's the problem. There are many methods on this server that return interfaces and each of these interfaces is a new proxy on my side. This way I have to call CoSetProxyBlanket()

every time I receive it. Here's what I want to do:

• Have my wrapper hide the CoSetProxyBlanket calls (simple enough).
• Avoid storing credentials in memory (damn hard!)

So far I've tried to copy a blanket from one object to another using CoQueryProxyBlanket

and CoSetProxyBlanket

. It doesn't work because I cannot recover the credentials (unless I store them in memory - which I would like to avoid).

What is really frustrating is that I have an authenticated connection to the server. It seems like I should be able to copy my security context to the new proxy. (Or at least tell COM to do this for me when it creates a new proxy.) Is there a way to do this, or am I stuck with storing credentials?