I've a service that I'd like to secure calls to. The service speaks to many types of clients over a socket, but for NT clients, I'd like to authenticate them against a domain without requesting a username/password/domain.

Looking around, SSPI seems to be just the ticket, but I'm not following the docs (what can I say, I'm not that bright).

Does anyone have any sample code they're willing to share?

Ideally I'm looking for something like this:

Client:
Code:
 pszTokenString = GetInteractiveUsersSecurityToken(...)
Server:
Code:
 bool VerifyUsersSecurityToken(pszTokenString)

Alternatively, any other ideas on how to approach this?

Also, I'm using LogonUser to authenticate users that do provide the relevant information. It's a bit slow (almost 2 secs) on our typical enterprise size network. It's the same pool of users that I'll be authenticating each time. Any ideas on how I can speed this up from code? Here's the line of code:
Code:
bRet = LogonUser ( NTUserName,
                   NTDomain,
                   pszPassword,
                   LOGON32_LOGON_NETWORK,
                   LOGON32_PROVIDER_DEFAULT,
                   &hLogonHandle);