How do I handle Negotiate in .NET?

Question

I\'m trying to implement Negotiate (at least the Kerberos part) in a small web server. I\'ve figured out how to get a client to send me a Kerberos Negotiate Authorization he

Answer 1

1. Parse the incoming response token
2. Call Secur32.AcquireCredentialsHandle to get a handle
3. Call Secur32.AcceptSecurityContext passing the handle and the token
4. Call Secur32.QuerySecurityContextToken passing the security context
5. Construct a new WindowsIdentity(hToken) using the output form step 4

If you have any questions about any of these steps, I can elaborate and/or provide some sample code.