Re: Smart card authentication with AcquireCredentialsHandle()?
From: Eric Perlin [MS] (ericperl_at_online.microsoft.com)
Date: 10/15/05
- Previous message: Sam Hobbs: "Re: Crypto API and Windows 98 SE"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 15 Oct 2005 14:12:01 -0700
You should be able to pass the output of the CredUI API as in the password
case.
-- Eric Perlin [MS] This posting is provided "AS IS" with no warranties, and confers no rights. --- "Deepak" <Deepak@discussions.microsoft.com> wrote in message news:34CB3E97-551C-4F5F-B5D1-187221671DD0@microsoft.com... > In an application that is being developed, the user is re-authenticated by > calling AcquireCredentialsHandle() and passing the pricipal name and > password > obtained through custom UI (or using CredUIPromptforCredentials()) . > However, > when the system is configured to use smart card, the user should be > prompted > for PIN (as it is in GINA). However, it is not clear as to how to use the > PIN > to authenticate the user and obtain the credentials/token from the Domain > controller. Ideally, the AcquireCredentialsHandle() (or some other > function/API ) should be able to pass the PIN to the Kerberos Security > Provider which in turn use the PIN and obtain the certificate from the > smart > card, sign the certificate using the private key on the card and send the > Kerberos AS request to obtain the tickets. > Can soem one provide pointers to the API(s) and/or indicate what are the > steps to authenticate (other than calling SCard APIs) ? > > Thanks, > Deepak
- Previous message: Sam Hobbs: "Re: Crypto API and Windows 98 SE"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
