Re: AcceptSecurityContext failing with SEC_E_INVALID_TOKEN

On Mar 4, 12:37 pm, Timothy Jewett <jewettw...@xxxxxxxxxxxxx> wrote:
I will look into the following suggestion. If this is the correct way to do
this why is it not in the SSPI\SockAuth sample which is what was used as an
example ? The output of both ISC AND ASC is sent directly to the network.
Also why is the SEC_E_INVALID_TOKEN issued when it is only a partial message ?
Timothy Jewett

""Jeffrey Tan[MSFT]"" wrote:
Hi Timothy,

Thanks for your feedback.

I got this suggestion from our Windows security team architect. I believe
it means that we(client/server code) are responsible to add the data/buffer
length information at the begining of the message, then we may read the
length in the other side and know how long the buffer is.

If I have misunderstood your question, please feel free to tell me, thanks.

Best regards,
Jeffrey Tan
Microsoft Online Community Support
Get notification to my posts through email? Please refer to

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
This posting is provided "AS IS" with no warranties, and confers no rights.- Hide quoted text -

- Show quoted text -

I don't know about the current sample code that may be on MSDN. I do
know that the original sample code for SSPI, the SOCKAUTH sample on
the Platform SDK, did create a structure with the first element the
size of the BLOB in bytes followed by the message.