Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

AcquireCredentialsHandle using Kerberos mutual authentication.

66 views
Skip to first unread message

John Kelly

unread,
Mar 1, 2001, 10:41:16 AM3/1/01
to
Could someone explain to me the use of pszPrincipal in
AcquireCredentialsHandle ?

I know that authentication SSPI is a client/server type of arrangement. I am
tyring to form a peer-to-peer connection between two processes which are
each running in the context of userid which has an associated
servicePrincipalName.

I (probably incorrectly) assumed that could specify the initiators
servicePrincipalName as pszPrincipal on AcquireCredentialsHandle.

Unfortunately even if the SPN has not been created for the Initaior,
AcquireCredentialsHandle returns 0.

I'm probably completely off-track on this, but would appreciate it if
someone could at least put me straight and tell me what i'm doing doesn't
make sense.

Is there any documentation which describes the role of pszPrincipal in
AcquireCredentialsHandle ?

I've scoured the web, but to no avail.

thansk in advance
regards
john


Richard Ward

unread,
Mar 30, 2001, 1:47:51 AM3/30/01
to

Right now, it must be null. If you are trying to use an alternate identity,
you need to fill out a SEC_WINNT_AUTH_IDENTITY structure and pass it in the
pvAuthData parameter. You will still need to supply the SPN of the target
to InitializeSecurityContext.

"John Kelly" <john_...@uk.ibm.com> wrote in message
news:uK9d6XmoAHA.1384@tkmsftngp02...

0 new messages