问题
I have a custom usb based fingerprint recognition device. How can I associate the fingerprint on the device with the user of the Windows machine (Using CredentialProvider). Primarily, I want that upon fingerprint scanning automatic login should occur without any prompt for username/password.
What I realise that there should be some registration process to bind fingerprint to the Windows user; but I am unable to find any technical resource in this direction.
Thanks in advance.
回答1:
You will need to create a COM component that support ICredentialProvider and ICredentialProviderCredential interfaces that logon can load and enumerate during login prompt. This will enable you create UI that can be seen in the "welcome" screen.
Check out http://pgina.org/ - The C++ part is a fantastic example on how you can achieve this.
After you component loads you will have to advise "Credential Provider Technical Reference" for your specific event order.
As per the document, you will need to implement the method ICredentialProviderCredential::GetSerialization which will need to return the packed credential to be used from LSA. Now here you have two options:
Create a custom store that maps your fingerprint data to username, domain, password combination in a database of yours. The you serialize the data for NTLM authentication.
Create additionally your own SSP/AP that will authenticate the user using your custom mechanism (https://msdn.microsoft.com/en-us/library/windows/desktop/aa375200(v=vs.85).aspx).
来源:https://stackoverflow.com/questions/43631222/credential-provider-in-windows-for-bio-metric-authentication