Stack Overflow
Stack Overflow

Questions tagged [sspi]

Use for questions having to do with the Security Support Provider Interface (SSPI) API.

The Security Support Provider Interface () is a Microsoft Windows API used to perform security-related operations such as authentication. It is implemented as a a dynamic-link library (DLL) supplied with the operating system. SSPI is the means by which the operating system loads SSPs (Security Support Providers), such as Kerberos and NTLM, when the system boots. The SSPI is the implementation of the Generic Security Service API () in Windows.

This article, while dated, is a good primer on : Logon and Authentication Technologies

214 questions
1
vote
1 answer

Logical workflow steps for CreateProcessAsUser to ImpersonateLoggedOnUser and DuplicateHandle all to run a command as the user?

Coming from Windows C# Is there a way to create a new process with the Kerberos ticket of parent process? support kerberos constrained delegation using SSPI for multiprocess I'm trying to copy Kerberos credentials from one process to another to…
jangooni
  • 167
  • 3
  • 11
1
vote
0 answers

C# FluentFTP Connection error - FTPS Windows 7

I try to establish a FTPS connection (explicit). On Windows 10, my program works fine, but on Windows 7 I have an error. I use the FluentFTP library in C#. I have already tried to change the SslProtocols with Tls,Tls11,Tls12, but it doesn't work. …
Bastien Cuenot
  • 117
  • 1
  • 1
  • 9
1
vote
0 answers

TranslateName() function doesn't work on win10

my working computer is win10, and I am using vs2015, now I've met a weird issue. I can get the NameSamCompatible name by the following source code: const int UNLEN = 100; TCHAR Username[UNLEN + 1]; DWORD nULen =…
winnie_quest
  • 31
  • 4
1
vote
0 answers

SSPI client requires less iterations than GSSAPI server

I'm using nsspi to call SSPI APIs from a C# application for the client side. I'm using cyrus sasl with a MIT Kerberos GSSAPI implementation on the server side. The two protocols seem to talk to each other but the server seems to require more…
Dean
  • 6,610
  • 6
  • 40
  • 90
1
vote
1 answer

NodeSSPI 2 Minute Timeout on Post

When I send a request to my server I have no problem, but when I POST I run into a server timeout. (2 minutes by default, but if I add server.setTimeout(15000) I get a 15 second delay.) Once the server times out the process completes as expected. …
user10364590
  • 21
  • 3
1
vote
1 answer

How to logon a user on a server and run a process given a Kerberos Ticket

How does authentication and logon work on Windows with Kerberos? What I want to achieve is to logon a user on a server and run a process for that user. As a first step, I create a Kerberos ticket on the client and send it to the server. On the…
Spiegelritter
  • 806
  • 1
  • 7
  • 16
1
vote
1 answer

Kerberos Token asks to be called again to complete the context

I am attempting to obtain a Kerberos Token from a C# Application (not web-based, a standalone executable). I have referred to this question to figure out how to do it, but even trying both answers, I get the same problem. When I reach the GetToken…
Kaito Kid
  • 983
  • 4
  • 15
  • 34
1
vote
1 answer

support kerberos constrained delegation using SSPI for multiprocess

I need to support Kerberos constrained delegation for our C++ HTTP server product on Windows using SSPI. For a single process server, the follow workflow can be used and I have a working prototype. 1) Call AcquireCredentialsHandle 2) Call…
user10193831
  • 13
  • 4
1
vote
1 answer

Getting Kerberos Service Ticket Using Waffle in Java

I am working on true SSO in Java application running on Windows 10. My application already has Kerberos auth using Java's GSSAPI (but it obviously does not work on any modern Windows, especially with strict security policies and domain users), so I…
Chlorek
  • 138
  • 7
1
vote
1 answer

Implementing mutual authentication with LDAP API and SSPI

I would like to ask you a question about implementing mutual authentication with Kerberos, using SSPI and LDAP API. I am using the guidelines described in: ldap_sasl_bind_s(GSSAPI) - What should be provided in the credentials BERVAL structure. Here…
Juan Alvarez
  • 131
  • 5
1
vote
1 answer

InitializeSecurityContext (Schannel) returns SEC_I_INCOMPLETE_CREDENTIALS unexpectedly

I have implemented a code for creating a secure connection using SSPI. I use it for sending mail over SMTP. It works fine with smtp.gmail.com and some other servers which I tried it with. But it doesn't work with smtp.live.com. The second call of…
CITBL
  • 1,587
  • 3
  • 21
  • 36
1
vote
0 answers

How to connect with Java to PostgreSQL 9.3 using SSPI?

I want to connect to my local PostgreSQL using SSPI. I have changed the pg_hba.conf file to look like for both IPv4 and IPv6 : host all userName 127.0.0.1/32 sspi host all all 127.0.0.1/32 …
naoumm
  • 69
  • 1
  • 1
  • 5
1
vote
0 answers

Calling AcquireCredentialsHandle after ImpersonateSecurityContext returns no credentials

I am writing a server supporting Kerberos which needs to accept delegated credentials from a client, impersonate that client, and perform another kerberos conversation with a remote server acting as the client. Currently, the server completes the…
Craig Wilson
  • 12,174
  • 3
  • 41
  • 45
1
vote
0 answers

InitializeSecurityContext (Kerberos) C++ client with ApacheDs kdc

I'm trying to do SASL auth betweeen a windows C++ client and a java server. On the client side I'm doing: AcquireCredentialsHandle(NULL, "Kerberos", SECPKG_CRED_OUTBOUND, NULL, &credentials, NULL, NULL, &hCred,…
rigazilla
  • 131
  • 1
  • 1
  • 8
1
vote
0 answers

Example of C++ client DIGEST-MD5 sasl auth with windows

Can someone help me with a simple example on how to authenticate against a java sasl server a windows C++ client with windows API: I mean using AcquireCredentialsHandle, InitializeSecurityContext... The best result I got at the moment is with this…
rigazilla
  • 131
  • 1
  • 1
  • 8
1 2 3
14 15