SChannel

From: Denis Issoupov (denis@nisid.com)
Date: 01/16/03


From: "Denis Issoupov" <denis@nisid.com>
Date: Thu, 16 Jan 2003 10:16:30 -0500

Hi there,

Is somebody familiar with SChannel in DCOM?

The question is how to turn off the default Certificate Mapping in SChannel
and implement DCOM client authentication manually on server-side.

The service initializes security with SChannel enabled by calling:

        SOLE_AUTHENTICATION_SERVICE AuthSvc[2];
        AuthSvc[0].dwAuthnSvc = RPC_C_AUTHN_GSS_SCHANNEL;
        AuthSvc[0].dwAuthzSvc = RPC_C_AUTHZ_NONE;
        AuthSvc[0].hr = S_OK;
        AuthSvc[0].pPrincipalName = (LPWSTR)m_pSSLCert.m_pCtx;

        ...

        hr = CoInitializeSecurity( NULL,
                                   _countof(AuthSvc),
                                   AuthSvc,
                                   NULL,
                                   RPC_C_AUTHN_LEVEL_CALL,
                                   RPC_C_IMP_LEVEL_IMPERSONATE,
                                   NULL,
                                   EOAC_ANY_AUTHORITY|EOAC_STATIC_CLOAKING,
                                   NULL );

1. What function can we call prior to or after CoInitializeSecurity() to
establish a custom authentication?
2. The Schannel.dll exports an EnableCertMapping function. Is it possible to
call EnableCertMapping() from a user process to disable default mapping?
3. Is it possible to create a Subauthentication Package for Schannel to
make certificate mapping?
4. What else can we do to achieve that?

Regards,
Denis

