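// Returns the client's access token after authentication has completed on the server side.
// The token can be used for impersonation: callers wrap it in a WindowsIdentity and hand
// that identity to the server application, so the handle is security-sensitive.
//
// status receives the raw result of QuerySecurityContextToken. This overload does not
// inspect it, so the caller must compare it with OK before using the returned handle.
// Throws Win32Exception (InvalidHandle) when there is no valid security context.
internal SecurityContextTokenHandle GetContextToken(out Interop.SecurityStatus status)
{
    // Both messages describe a precondition violation, so each check fires on the NEGATED
    // precondition. The previous conditions were inverted: they asserted on every correct
    // call and stayed silent on the misuse they were written to catch.
    if (!(IsCompleted && IsValidContext) && GlobalLog.IsEnabled)
    {
        GlobalLog.AssertFormat("NTAuthentication#{0}::GetContextToken|Should be called only when completed with success, currently is not!", LoggingHash.HashString(this));
    }

    if (!IsServer && GlobalLog.IsEnabled)
    {
        GlobalLog.AssertFormat("NTAuthentication#{0}::GetContextToken|The method must not be called by the client side!", LoggingHash.HashString(this));
    }

    // The assertions above are diagnostics only; this is the check that actually stops
    // a query against a missing or invalid context.
    if (!IsValidContext)
    {
        throw new Win32Exception((int)Interop.SecurityStatus.InvalidHandle);
    }

    SecurityContextTokenHandle token = null;
    status = (Interop.SecurityStatus)SSPIWrapper.QuerySecurityContextToken(
        GlobalSSPI.SSPIAuth,
        _securityContext,
        out token);

    return token;
}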
// Produces the IIdentity for the peer of an NTAuthentication context.
//
// Server side: queries the client's access token from the security context and wraps it in
// a WindowsIdentity. Win32Exception is thrown when the context or the token query reports a
// non-OK status. A SecurityException is swallowed and the method falls through to the
// generic identity below.
// Client side: the remote identity is not available, so a GenericIdentity built from the
// SPN and the protocol name is returned.
internal static IIdentity GetIdentity(NTAuthentication context)
{
    string identityName = context.IsServer ? context.AssociatedName : context.Spn;
    string protocolName = context.ProtocolName;

    if (!context.IsServer)
    {
        // On the client we don't have access to the remote side identity.
        return new GenericIdentity(identityName, protocolName);
    }

    SecurityContextTokenHandle clientToken = null;
    try
    {
        SecurityStatusPal contextStatus;
        SafeDeleteContext securityContext = context.GetContext(out contextStatus);
        if (contextStatus.ErrorCode != SecurityStatusPalErrorCode.OK)
        {
            throw new Win32Exception((int)SecurityStatusAdapterPal.GetInteropFromSecurityStatusPal(contextStatus));
        }

        // This will return a client token when conducted authentication on server side.
        // This token can be used for impersonation. We use it to create a WindowsIdentity
        // and hand it out to the server app.
        Interop.SECURITY_STATUS queryStatus = (Interop.SECURITY_STATUS)SSPIWrapper.QuerySecurityContextToken(
            GlobalSSPI.SSPIAuth,
            securityContext,
            out clientToken);
        if (queryStatus != Interop.SECURITY_STATUS.OK)
        {
            throw new Win32Exception((int)queryStatus);
        }

        string authenticationType = context.ProtocolName;

        // TODO #5241:
        // The following call was also specifying WindowsAccountType.Normal, true.
        // WindowsIdentity.IsAuthenticated is no longer supported in CoreFX.
        // The raw handle is only read while clientToken is still alive in this scope;
        // the finally block releases it after the identity has been constructed.
        return new WindowsIdentity(clientToken.DangerousGetHandle(), authenticationType);
    }
    catch (SecurityException)
    {
        // Ignore and construct generic Identity if failed due to security problem.
        // NOTE(review): the fallback is not token-backed. GenericIdentity reports
        // IsAuthenticated for any non-empty name, so callers that need an impersonable
        // identity should test for WindowsIdentity rather than IsAuthenticated alone.
    }
    finally
    {
        clientToken?.Dispose();
    }

    return new GenericIdentity(identityName, protocolName);
}
// Convenience overload: obtains the client's context token and converts any non-OK status
// into a Win32Exception, so the caller only ever receives a handle from a successful query.
// The caller owns the returned handle and is responsible for disposing it.
internal SecurityContextTokenHandle GetContextToken()
{
    Interop.SecurityStatus queryStatus;
    SecurityContextTokenHandle clientToken = GetContextToken(out queryStatus);

    if (queryStatus == Interop.SecurityStatus.OK)
    {
        return clientToken;
    }

    throw new Win32Exception((int)queryStatus);
}
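// Queries the access token associated with an established security context.
//
// phContext:  the security context to query; its raw handle is passed to the native call.
// safeHandle: receives the token handle produced by the native call (null on entry).
// Returns the native status code unchanged; the caller decides how to treat failures.
private static int GetSecurityContextToken(SafeDeleteContext phContext, out SecurityContextTokenHandle safeHandle)
{
    safeHandle = null;

    // Tracks whether DangerousAddRef actually took a reference. DangerousRelease must only
    // be paired with a successful AddRef; releasing unconditionally would unbalance the
    // reference count (or throw from finally and mask the original failure) when AddRef
    // fails, for example on an already-closed context.
    bool refAdded = false;
    try
    {
        // Pin the context for the duration of the native call so it cannot be closed
        // underneath it.
        phContext.DangerousAddRef(ref refAdded);
        return(Interop.SspiCli.QuerySecurityContextToken(ref phContext._handle, out safeHandle));
    }
    finally
    {
        if (refAdded)
        {
            phContext.DangerousRelease();
        }
    }
}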
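// Queries the access token associated with an established security context.
//
// phContext:  the security context to query; its raw handle is passed to the native call.
// safeHandle: receives the token handle produced by the native call (null on entry).
// Returns the native status code; the local starts as InvalidHandle and is overwritten by
// the result of the native call.
private static int GetSecurityContextToken(SafeDeleteContext phContext, out SecurityContextTokenHandle safeHandle)
{
    int status = (int)Interop.SecurityStatus.InvalidHandle;
    safeHandle = null;

    // Only release the reference if DangerousAddRef reported success. An unconditional
    // release after a failed AddRef would unbalance the handle's reference count or throw
    // from finally and hide the original exception.
    bool refAdded = false;
    try
    {
        // Keep the context alive while native code is using its raw handle.
        phContext.DangerousAddRef(ref refAdded);
        status = Interop.Secur32.QuerySecurityContextToken(ref phContext._handle, out safeHandle);
    }
    finally
    {
        if (refAdded)
        {
            phContext.DangerousRelease();
        }
    }

    return(status);
}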
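// Produces the IIdentity for the remote peer of this authenticated stream.
//
// CheckThrow(true) runs first, before any context state is read.
// Server side: obtains the client's context token and wraps it in a WindowsIdentity.
// GetContextToken() throws Win32Exception on a non-OK status and that exception is not
// caught here. A SecurityException is swallowed and the generic identity is returned.
// Client side: the remote identity is not available, so a GenericIdentity built from the
// SPN and the protocol name is returned.
internal IIdentity GetIdentity()
{
    CheckThrow(true);

    IIdentity result = null;
    string name = _context.IsServer ? _context.AssociatedName : _context.Spn;

    // The former "NTLM" initializer was a dead store: it was overwritten on the next line
    // before it could ever be read.
    string protocol = _context.ProtocolName;

    if (_context.IsServer)
    {
        SecurityContextTokenHandle token = null;
        try
        {
            token = _context.GetContextToken();
            string authtype = _context.ProtocolName;

            // TODO #5241:
            // The following call was also specifying WindowsAccountType.Normal, true.
            // WindowsIdentity.IsAuthenticated is no longer supported in CoreFX.
            // The raw handle is only read while `token` is still alive in this scope; the
            // finally block disposes it after the identity has been constructed.
            result = new WindowsIdentity(token.DangerousGetHandle(), authtype);
            return result;
        }
        catch (SecurityException)
        {
            // Ignore and construct generic Identity if failed due to security problem.
            // NOTE(review): the fallback is not token-backed. GenericIdentity reports
            // IsAuthenticated for any non-empty name, so callers that need an impersonable
            // identity should test for WindowsIdentity rather than IsAuthenticated alone.
        }
        finally
        {
            if (token != null)
            {
                token.Dispose();
            }
        }
    }

    // On the client we don't have access to the remote side identity.
    result = new GenericIdentity(name, protocol);
    return result;
}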
// Instance entry point for the context-token query. Forwards both arguments to the static
// GetSecurityContextToken helper and returns its status code unchanged; no status checking
// happens at this layer.
public int QuerySecurityContextToken(SafeDeleteContext phContext, out SecurityContextTokenHandle phToken)
    => GetSecurityContextToken(phContext, out phToken);
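// Queries the access token associated with an established security context.
//
// phContext:  the security context to query; its raw handle is passed to the native call.
// safeHandle: receives the token handle produced by the native call (null on entry).
// Returns the native status code unchanged; the caller decides how to treat failures.
private static int GetSecurityContextToken(SafeDeleteContext phContext, out SecurityContextTokenHandle safeHandle)
{
    safeHandle = null;

    // DangerousRelease is only valid after a successful DangerousAddRef. The flag guards
    // the release so a failed AddRef (for example on a closed context) neither unbalances
    // the reference count nor replaces the original exception with one from finally.
    bool refAdded = false;
    try
    {
        // Hold a reference so the context cannot be closed while native code uses it.
        phContext.DangerousAddRef(ref refAdded);
        return Interop.SspiCli.QuerySecurityContextToken(ref phContext._handle, out safeHandle);
    }
    finally
    {
        if (refAdded)
        {
            phContext.DangerousRelease();
        }
    }
}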
// Instance entry point for the context-token query. Delegates to the static
// GetSecurityContextToken helper; the status code is handed back as-is, so the caller is
// responsible for checking it before using phToken.
public int QuerySecurityContextToken(SafeDeleteContext phContext, out SecurityContextTokenHandle phToken)
{
    int status = GetSecurityContextToken(phContext, out phToken);
    return status;
}
// Native import for the SSPI QuerySecurityContextToken function.
// phContext: the security context handle to query, passed by reference.
// handle:    receives the resulting token wrapped in a SecurityContextTokenHandle.
// Returns the native status code as an int. Callers treat it as a security status and
// must compare it with OK before touching the handle.
// NOTE(review): the import attribute (library name, error handling) is not visible in this
// excerpt — confirm it against the declaring file.
internal static extern int QuerySecurityContextToken( ref CredHandle phContext, [Out] out SecurityContextTokenHandle handle);
// Native import for the SSPI QuerySecurityContextToken function, declared as a partial
// method (the implementing part is not shown here; presumably generated — confirm).
// phContext: the security context handle to query, passed by reference.
// handle:    receives the resulting token wrapped in a SecurityContextTokenHandle.
// Returns the native status code as an int. Callers treat it as a security status and
// must compare it with OK before touching the handle.
internal static partial int QuerySecurityContextToken( ref CredHandle phContext, out SecurityContextTokenHandle handle);
// Dispatches the context-token query to the supplied SSPI module and returns that module's
// status code unchanged. A null secModule results in a NullReferenceException; no argument
// validation is performed here.
public static int QuerySecurityContextToken(SSPIInterface secModule, SafeDeleteContext context, out SecurityContextTokenHandle token)
    => secModule.QuerySecurityContextToken(context, out token);
// Dispatches the context-token query to the supplied SSPI module. The module's status code
// is returned as-is, so checking it (and disposing the token) is left to the caller.
public static int QuerySecurityContextToken(SSPIInterface secModule, SafeDeleteContext context, out SecurityContextTokenHandle token)
{
    int status = secModule.QuerySecurityContextToken(context, out token);
    return status;
}
// This SSPI implementation does not provide a context token: every call throws
// NotSupportedException, and phToken is never assigned.
public int QuerySecurityContextToken(SafeDeleteContext phContext, out SecurityContextTokenHandle phToken)
    => throw new NotSupportedException();
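// Queries the access token associated with an established security context.
//
// phContext:  the security context to query; its raw handle is passed to the native call.
// safeHandle: receives the token handle produced by the native call (null on entry).
// Returns the native status code; the local starts as InvalidHandle and is overwritten by
// the result of the native call.
private static int GetSecurityContextToken(SafeDeleteContext phContext, out SecurityContextTokenHandle safeHandle)
{
    int status = (int)Interop.SecurityStatus.InvalidHandle;
    safeHandle = null;

    // Pair DangerousRelease with a successful DangerousAddRef only. Releasing after a
    // failed AddRef would unbalance the reference count on the context handle, or throw
    // from finally and mask the original exception.
    bool refAdded = false;
    try
    {
        // Keep the context alive while native code is using its raw handle.
        phContext.DangerousAddRef(ref refAdded);
        status = Interop.Secur32.QuerySecurityContextToken(ref phContext._handle, out safeHandle);
    }
    finally
    {
        if (refAdded)
        {
            phContext.DangerousRelease();
        }
    }

    return status;
}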