sspi

问题 I have an application that uses the System.Net.Security.SslStream class to make a secure connection to a server. On Windows 7 and Windows 8/8.1, this works fine. On Windows 10, the call to SslStream.AuthenticateAsClient throws an exception - "AuthenticationException: A call to SSPI failed, see inner exception". The inner exception is "Win32Exception: The Local Security Authority cannot be contacted". This is not specific to one Windows 10 machine. I thought that it might have something to do

问题 I have an application that uses the System.Net.Security.SslStream class to make a secure connection to a server. On Windows 7 and Windows 8/8.1, this works fine. On Windows 10, the call to SslStream.AuthenticateAsClient throws an exception - "AuthenticationException: A call to SSPI failed, see inner exception". The inner exception is "Win32Exception: The Local Security Authority cannot be contacted". This is not specific to one Windows 10 machine. I thought that it might have something to do

问题 How can we configure which Encryption Ciphers a Java Waffle SSPI Kerberos Single Sign On (SSO) client should use? How can we best debug which ciphers are actually being used by the client and server? Background We need to restrict the Encryption Ciphers used for Kerberos SSO, removing ciphers now considered weak. Our Setup The Java Application Server implements SSO via pure Java GSSAPI. The Java Client implements SSO by two configurable SSO APIs: On Linux or Windows 10 without Credential

问题 I work on a Kerberos logon infrastructure (Single Sign-On) with: A client which is authenticated to the Kerberos Key Distribution Center. A principal service server using Kerberos as authentication. Server Program is coded in C++. I have no problem to create a context between my principal (client) and my service principal (server). I also delegated my client credentials to the server, because I need to create a process on the server using client user credentials. And this is my problem, on

问题 I work on a Kerberos logon infrastructure (Single Sign-On) with: A client which is authenticated to the Kerberos Key Distribution Center. A principal service server using Kerberos as authentication. Server Program is coded in C++. I have no problem to create a context between my principal (client) and my service principal (server). I also delegated my client credentials to the server, because I need to create a process on the server using client user credentials. And this is my problem, on

问题 I am using below code in c#, string Subject = "test12"; MailMessage mail = new MailMessage(); mail.To.Add(item.ToString()); mail.From = new MailAddress(EmailUserName); mail.Subject = Subject; mail.Body = PopulateBody(); mail.IsBodyHtml = true; SmtpClient client = new SmtpClient(EmailHost, EmailPort); client.EnableSsl = true; NetworkCredential credentials = new NetworkCredential(EmailUserName, EmailPassword); client.UseDefaultCredentials = false; client.Credentials = credentials; client.Send

问题 I am using below code in c#, string Subject = "test12"; MailMessage mail = new MailMessage(); mail.To.Add(item.ToString()); mail.From = new MailAddress(EmailUserName); mail.Subject = Subject; mail.Body = PopulateBody(); mail.IsBodyHtml = true; SmtpClient client = new SmtpClient(EmailHost, EmailPort); client.EnableSsl = true; NetworkCredential credentials = new NetworkCredential(EmailUserName, EmailPassword); client.UseDefaultCredentials = false; client.Credentials = credentials; client.Send

问题 I am using below code in c#, string Subject = "test12"; MailMessage mail = new MailMessage(); mail.To.Add(item.ToString()); mail.From = new MailAddress(EmailUserName); mail.Subject = Subject; mail.Body = PopulateBody(); mail.IsBodyHtml = true; SmtpClient client = new SmtpClient(EmailHost, EmailPort); client.EnableSsl = true; NetworkCredential credentials = new NetworkCredential(EmailUserName, EmailPassword); client.UseDefaultCredentials = false; client.Credentials = credentials; client.Send

问题 I'm trying to implement Single Sign On in an http.sys-based server (using IOCP), and I'm having weird issues with AcceptSecurityContext, which will randomly fail with SEC_E_LOGON_DENIED. I'm getting the failure randomly when connecting from the same client machine to the same server machine (about 50% of the time), even when there is only one client with only one http connection. Both machines are in the same domain, neither of them are domain controlers. The call that fails is the 2nd (and

问题 While trying to solve this problem we noticed a difference between the SPNEGO Requests (KRB_AP_REQ) from our GSSAPI and SSPI client implementations: Using GSSPI the mutalFlag is set to False Using SSPI the mutualFlag is set to True. In our Java code calling GSSAPI we can explicitly set the flag to true or false as required, but I have found no way to do this using Waffle / SSPI. Searching the Waffle code on Github for “mutual” gave only one hit: for the constant ISC_REQ_MUTUAL_AUTH Is there a