// public methods public static SecurityCredential Acquire(SspiPackage package, string username, SecureString password) { long timestamp; var credential = new SecurityCredential(); #if NET452 RuntimeHelpers.PrepareConstrainedRegions(); #endif try { } finally { uint result; if (password == null) { result = NativeMethods.AcquireCredentialsHandle( null, package.ToString(), SecurityCredentialUse.Outbound, IntPtr.Zero, IntPtr.Zero, 0, IntPtr.Zero, ref credential._sspiHandle, out timestamp); } else { using (var authIdentity = new AuthIdentity(username, password)) { // TODO: make this secure by using SecurePassword result = NativeMethods.AcquireCredentialsHandle( null, package.ToString(), SecurityCredentialUse.Outbound, IntPtr.Zero, authIdentity, 0, IntPtr.Zero, ref credential._sspiHandle, out timestamp); } } if (result != NativeMethods.SEC_E_OK) { credential.SetHandleAsInvalid(); throw NativeMethods.CreateException(result, "Unable to acquire credential."); } } return(credential); }
public static SecurityCredential Acquire(SspiPackage package, string username, MongoIdentityEvidence evidence) { long timestamp; var credential = new SecurityCredential(); RuntimeHelpers.PrepareConstrainedRegions(); try { } finally { uint result; var passwordEvidence = evidence as PasswordEvidence; if (passwordEvidence == null) { result = Win32.AcquireCredentialsHandle( null, package.ToString(), SecurityCredentialUse.Outbound, IntPtr.Zero, IntPtr.Zero, 0, IntPtr.Zero, ref credential._sspiHandle, out timestamp); } else { using(var authIdentity = new AuthIdentity(username, passwordEvidence.SecurePassword)) { // TODO: make this secure by using SecurePassword result = Win32.AcquireCredentialsHandle( null, package.ToString(), SecurityCredentialUse.Outbound, IntPtr.Zero, authIdentity, 0, IntPtr.Zero, ref credential._sspiHandle, out timestamp); } } if (result != Win32.SEC_E_OK) { credential.SetHandleAsInvalid(); throw Win32.CreateException(result, "Unable to acquire credential."); } } return credential; }