Re: How to create the SPNEGO token used in CIFS/SMB authentication?
From: Richard Ward (richardw_at_delete-yellow-dogs.com)
Date: 08/17/05
- Previous message: Andrew Hayes: "Re: Win2k3 SP1 security policy changes - COM dies after SP1 install"
- In reply to: Chuck: "How to create the SPNEGO token used in CIFS/SMB authentication?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 16 Aug 2005 22:55:43 -0700
The security blob returned in the NEGPROT_RESPONSE from the
server to the client (prior to the SESSION_SETUP_ANDX) is non-standard,
and used simply as an optimization, and a hint for credential choice. The
redirector and server components call SSPI, just like everyone else. You
can
get that hint blob on the server side by calling AcceptSecurityContext
without
an input blob.
"Chuck" <changxun@gmail.com> wrote in message
news:edCHU5UmFHA.3256@TK2MSFTNGP12.phx.gbl...
> Dear all,
>
> Is there any Windows API available to generate SPNEGO tokens as the
> security
> blobs used in CIFS/SMB authentication? For example, how to generate the
> NegTokenInit token that lists all the authentication mechanisms supported
> by
> the server machine replying to a client's protocol negotiation request? I
> know it is possible to hard code a SPNEGO token but just wondering if
> there
> is a better way to do it. And, it seems the SSPI library doesn't provide
> this support.
>
> Thanks.
>
> best,
> chuck
>
>
- Previous message: Andrew Hayes: "Re: Win2k3 SP1 security policy changes - COM dies after SP1 install"
- In reply to: Chuck: "How to create the SPNEGO token used in CIFS/SMB authentication?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
