We have implemented Kerberos using Windows SSPI. The authentication was successful.
We want to store the Kerberos token for the future use.
How could we extract the token from the SecBufferDesc returned by the InitializeSecurityContext?
Also, how to check the token is correct or not?
bool bHaveCtxtHandle = false;
CtxtHandle contextHandle = { 0 };
SecBufferDesc outSecBufDesc;
SecBuffer outSecBuf;
SecBufferDesc inSecBufDesc;
ULONG ContextAttributes = 0U;
PBYTE pOutBuf = new BYTE[pkgInfo->cbMaxToken];
outSecBufDesc.ulVersion = 0;
outSecBufDesc.cBuffers = 1;
outSecBufDesc.pBuffers = &outSecBuf;
outSecBuf.cbBuffer = pkgInfo->cbMaxToken;
outSecBuf.BufferType = SECBUFFER_TOKEN;
outSecBuf.pvBuffer = pOutBuf;
lSecStatus = InitializeSecurityContext(&stCredHandle,
bHaveCtxtHandle ? &contextHandle : NULL,
pcPrincipalName,
ISC_REQ_USE_SUPPLIED_CREDS,
0,
SECURITY_NATIVE_DREP,
bHaveCtxtHandle ? &inSecBufDesc : NULL,
0,
&contextHandle,
&outSecBufDesc,
&ContextAttributes,
&SecurityContextLifetime);
as a reference.