Stack Overflow
Stack Overflow

Questions tagged [sspi]

Use for questions having to do with the Security Support Provider Interface (SSPI) API.

The Security Support Provider Interface () is a Microsoft Windows API used to perform security-related operations such as authentication. It is implemented as a a dynamic-link library (DLL) supplied with the operating system. SSPI is the means by which the operating system loads SSPs (Security Support Providers), such as Kerberos and NTLM, when the system boots. The SSPI is the implementation of the Generic Security Service API () in Windows.

This article, while dated, is a good primer on : Logon and Authentication Technologies

214 questions
3
votes
1 answer

Is impersonation in Win32 per thread?

Is calling ImpersonateSecurityContext on the server impersonating the client on the calling thread or for the entire process. The documentation is a bit vague on the matter as it states that "The function creates an impersonation token and allows…
dalle
  • 18,057
  • 5
  • 57
  • 81
3
votes
0 answers

Problem with SSPI/Kerberos authorization on windows service

Dear programmers! Today I have faced a serious problem, that I don't know how to approach. I'm trying to implement an authorization service, using SSPI/Kerberos. I'm testing it on my local computer. When I implement server size as a windows service…
Eldar Isayev
  • 31
  • 2
3
votes
0 answers

SSPI SEC_E_WRONG_PRINCIPAL with bad SPN

With SSPI, I'm trying to connect my win7 to a win2008-r2 domain controller. The win7 is connected to the DC without any problem. So, on domain controller I create a new SPN C:\> setspn -A test/value vmlab-wdc01 I check the new entry C:\setspn -l…
Stef
  • 3,691
  • 6
  • 43
  • 58
3
votes
2 answers

EncryptMessage returns SEC_E_INVALID_TOKEN

When using the EncryptMessage (SChannel) from the win32 API with a valid context, I am supplying the four buffers in the correct order I get the SEC_E_INVALID_TOKEN response which according to the documentation is No SECBUFFER_DATA type buffer was…
Bruce
  • 440
  • 1
  • 12
  • 19
3
votes
3 answers

How CreateProcessAsUser on Windows Using Delegated Credentials from SSPI?

I work on a Kerberos logon infrastructure (Single Sign-On) with: A client which is authenticated to the Kerberos Key Distribution Center. A principal service server using Kerberos as authentication. Server Program is coded in C++. I have no…
Axel Borja
  • 3,718
  • 7
  • 36
  • 50
3
votes
1 answer

Using SSPI with Ruby TinyTDS - possible?

After some anguish trying to connect to a SQLServer database with Ruby, I finally discovered TinyTDS and it's fantastic. However, it requires a username and password to talk to the database. In C# tests in the past, we've used SSPI to supply…
Mark Mayo
  • 12,230
  • 12
  • 54
  • 85
3
votes
2 answers

SSLStream: "A Call to SSPI Failed" Exception

I have a strange problem: I wrote a server and client in c# based on .net2 which are chatting over the .net 2 SslStream. There is 1 Connection for sending commands between Cl and S and theres one connection for sending files between cl and…
Tearsdontfalls
  • 767
  • 2
  • 13
  • 32
3
votes
1 answer

Looking for Platform SDK SSPI(Schannel) sample c++

I want to see a microsoft sample that demonstrate using of SSPI with Schannel. As I see here there is a such sample, but I cannot succeed to find it :( Can anyone please help me to find it? Thanks in advance!
RRR
  • 3,937
  • 13
  • 51
  • 75
3
votes
0 answers

Win SSPI(Schannel) - who is responsible to allocate and clean memory?

I want to establish TLS connection using by Win SSPI(Schannel) interface. I am at the stage of encrypt- decrypt process, and I find myself really confused - who is responsible to manage the memory allocations? : When I want to send a data packet to…
RRR
  • 3,937
  • 13
  • 51
  • 75
2
votes
2 answers

integrated SQL-server authentication from untrusted domain

I really want to use SQL-server from a C#/.NET appliaction without using SQL-Server accounts or adding the affected computer to the same domain or to any domain at all or to use the same logon-name as the domain. Isn't there any way? Did someone try…
Christian
  • 2,903
  • 4
  • 31
  • 34
2
votes
5 answers

How much data to receive from server in SSL handshake before calling InitializeSecurityContext?

In our Windows C++ application I am using InitializeSecurityContext() client side to open an schannel connection to a server which is running stunnel SSL proxy. My code now works, but only with a hack I would like to eliminate. I started with this…
DebbyM
  • 31
  • 1
  • 3
2
votes
2 answers

SSPI Connection in .Net 2.0 Web Service

I'm trying to test a .Net 2.0 Web Service I created in C#. One of our servers is on windows 2000 and can currently only support .Net 2.0 . I can test it local to my machine and it works fine but when I move it to the target server for production it…
Chris Klepeis
  • 9,783
  • 16
  • 83
  • 149
2
votes
2 answers

C# p/invoke Secur32.dll problems

I'm trying to wrap the Secur32.dll's EnumerateSecurityPackages function which is declared below: SECURITY_STATUS SEC_Entry EnumerateSecurityPackages( __in PULONG pcPackages, __in PSecPkgInfo *ppPackageInfo ); I have the following C# code, but…
chotchki
  • 4,258
  • 5
  • 34
  • 55
2
votes
1 answer

Authenticate with Windows Credentials in Python

I am working on developing an API call which needs to authenticate to a proxy. I have managed to do this by explicitly entering my proxy information. Like so: import requests proxies = {'https': "https://user:password@proxyIP:port"} response =…
Joe
  • 2,641
  • 5
  • 22
  • 43
2
votes
1 answer

No credentials in security package when requesting a Kerberos ticket while impersonating another user

Context: Custom reverse proxy/API Gateway built in C# on top of IIS and IIS Rewrite-rules, making use of OWIN middleware. Goal: I'd like the proxy to authenticate the incoming request first(this is easily configured in IIS). Having the identity…
valorl
  • 1,499
  • 2
  • 14
  • 30
1 2 3
14 15