3

First let me explain my desired solution:

I'm making a custom Credential Provider to authenticate a user by sending logon credentials to an external authentication server, then passing the same credentials along with some extra authentication parameters back to the Credential Provider. The Credential Provider then sends these credentials to the Local Security Authority which in turn authenticates the user based on a custom Authentication Package.

I am quite new to programming in Windows, but I've been studying the Credential Provider Technical Reference, so I have some understanding of how it works. What I haven't figured out yet is this: when programming a custom Credential Provider, can I program it to communicate externally like proposed in my example above? I have read somewhere that I can use WinHTTP to send data to and from the Credential Provider. Is this correct?

Regards, bagzera

Vlad
  • 9,180
  • 5
  • 48
  • 67
trbox
  • 476
  • 6
  • 16

2 Answers2

4

First you need to implement the IConnectableCredentialProviderCredential interface which provide a function which called Connect (this method will be called just before GetSerialization) so in this function you can make a connection to your authentication server

James Westgate
  • 11,306
  • 8
  • 61
  • 68
Ibrahim MESLEM
  • 116
  • 4
3

I have written such provider before. There is no problem in using WinHTTP to communicate with external entities. You might run into some issues with HTTPS if you have unsual SSL requirements. All you need to do is to load certificates into the correct stores.

Vlad
  • 9,180
  • 5
  • 48
  • 67
  • 1
    I stuck with the same problem, where I have to make my HTTP call in the credential provider? can you post the sample working code? – SaRaVaNaN DM Nov 05 '17 at 08:09