sspi

How to specify accepted certificates for Client Authentication in .NET SslStream

I am attempting to use the .Net System.Security.SslStream class to process the server side of a SSL/TLS stream with client authentication. To perform the handshake, I am using this code: SslStream sslStream = new SslStream(innerStream, false, RemoteCertificateValidation, LocalCertificateSelectionCallback); sslStream.AuthenticateAsServe...

Novell client and windows SSO

Does the novell gina install a specific security provider that can be used via SSPI? Does it have to called out specifically or is SPNEGO good enough? Will that support single sign on if the novell gina is installed on the remote server? ...

Using SSPI (NTLM) Api's With Windows AccessCheck() On Vista With UAC

Summary Client (Windows XP SP3) Server (Windows Vista Business SP1) / Running as LocalSystem Service Api Sequence Client - AcquireCredentialsHandle Client - Initializesecuritycontext Server - Acquirecredentialshandle Server - AcceptSecurityContext Client/Server - CompleteAuthnToken Server - ImpersonateSecurityContext Server - ...

Access CVS through Apache service using SSPI

I'm running an Apache server (v2.2.10) with mod_python, Python 2.5 and Django. I have a small web app that will show the current projects we have in CVS and allow users to make a build of the different projects (the build checks out the project, and copies certain files over with the source stripped out). On the Django dev server, ever...

Unresolved external symbol CompleteAuthToken referenced

While porting a desktop application to windows mobile I've reached the following error: Error LNK2019: unresolved external symbol CompleteAuthToken referenced in function Reading MSDN it tell me that CompleteAuthToken is supported on Windows CE 2.10 and later and I should link against Secur32.lib, but adding that library didn't...

SSPI Connection in .Net 2.0 Web Service

I'm trying to test a .Net 2.0 Web Service I created in C#. One of our servers is on windows 2000 and can currently only support .Net 2.0 . I can test it local to my machine and it works fine but when I move it to the target server for production it produces an error. I want it to use Windows authentication, and have it defined as such i...

integrated SQL-server authentication from untrusted domain

I really want to use SQL-server from a C#/.NET appliaction without using SQL-Server accounts or adding the affected computer to the same domain or to any domain at all or to use the same logon-name as the domain. Isn't there any way? Did someone try to do this using the MONO implementation of SSPI? ...

How to Setup Multiple Authentication Types for 1 Subversion Repo?

We have an SVN 1.4 repository that uses Apache 2.0 for authentication; specifically, the mod-auth-sspi module to authenticate with our Windows Domain. The relevant portion of httpd.conf looks like this: <Location /svn> AuthType SSPI AuthName "My Subversion" SSPIAuth On SSPIAuthoritative On SSPIDomain MYDOMAIN SS...

Alternatives to LogonUser for network impersonation (C++)

Are there any alternatives to LogonUser and for impersonating given account in order to access network resources? I'm looking for the method of impersonation which would let me connect to machine in foreign domains (or, workgroup machines for the same matter). For initial data I have: machine name, username (or domain\username), cleart...

Need a csharp signature for AcquireCredentialsHandle win32 api function

I have somehow come out with a signature for this api call, but the call does not work in the expected fashion. Some vital data structures are not get populated properly hence I am not getting intended output. The signature I've used is: [DllImport("secur32.dll", SetLastError = true)] static extern ulong AcquireCredentialsHandle( ...

Windows user credential validation on a different domain

Hi, I'm trying to validate a user's windows credentials on a computer that's not joined to the domain. It seems like this should be possible to do using the SSPI API, but I haven't been able to get it to work. I included the code that I've been trying (resource cleanup omitted for brevity). These are the important pieces of informatio...

NTLM proxy without password?

I work on a corporate windows network (which I log in to) with a HTTP proxy. When I use Internet Explorer it magically uses the proxy without me needing to type in my password. Certain other programs seem to manage this too, like JavaWebStart has a "use browser settings" option. However when I use scripts/programs like curl or wget to f...

Simple client/server, TCP/IP encrypting the message stream, SSL (C++)

Hi, Basically my question is the exact same one as this: http://stackoverflow.com/questions/937459/simple-client-server-tcp-ip-encrypting-the-message-stream-ssl The difference is that I need this for pure C++, not .NET. I cannot use 3rd party libraries, so unless it's a Windows system component (like the above) I need something with ...

AcquireCredentialsHandle returns SEC_E_NO_CREDENTIALS

Hi I have managed to open the certificate store by using CertOpenSystemStore and I can find my self signed certificate (created using OpenSSL) using CertFindCertificateInStore which I installed through the MMC console on Windows Vista Ultimate. However I am not sure what this error really means as I have been unable to spot the answer i...

EncryptMessage returns SEC_E_INVALID_TOKEN

Hi When using the EncryptMessage (SChannel) from the win32 API with a valid context, I am supplying the four buffers in the correct order I get the SEC_E_INVALID_TOKEN response which according to the documentation is No SECBUFFER_DATA type buffer was found. I know that the set of pvBuffers should be allocated from contiguous memory for ...

Cannot create SSPI context

Hi All, I am working on a .NET application where I am trying to build the database scripts. While building the project, I am getting an error "Cannot create SSPI context.". This error is shown in the output window (inside VS2008 screen) and the building process failed. Please help on this. SQL Server is configured to work on Windows aut...

Exception on SslStream.AuthenticateAsClient (The message was badly formatted)

I have got wierd problem going on. I am trying to connect to Apple server via TCP/SSL. I am using a Client certificate provided by Apple for push notifications. I installed the certificate on my server (Win2k3) in both Local Trusted Root certificates and Local Personal Certificates folder. Now I have a class library that deals with that...

WCF: Why does passing in a remote endpoint fail?

The problem I am having connecting a wcf client application to a host running on a separate machine is documented in a question previously asked: http://stackoverflow.com/questions/489915/wcf-why-does-passing-in-a-remote-endpoint-fail However, the solution provided here says you need to use a SpnEndpointIdentity with an empty string. S...

Compilable C++ code to implement a secure SLL/TLS client using MS SSPI

As described here http://www.ddj.com/cpp/184401688 I do not have time to write this from scratch. Asked and not answered http://stackoverflow.com/questions/434961/implementing-ssl THE QUESTION IS: I am looking for some compilable working source code that implements MS SSPI (as alluded to in the thread above), procedural not OOP prefe...

SSPI Negotiate not found

Hi! I'm using Windows XP Pro SP3. I want to use SSPI functions in my code. I compiled my code, no error. I set the security package to be used to Negotiate, which is recommended. When I start my program, Negotiate cannot be used because it can't be found. So, I tried "Kerberos" instead, and same error: the security package cannot be f...