NegotiateStream.AuthenticateAsServer Method

Definition

Handles the server side of an authentication for a client-server connection.

Overloads

AuthenticateAsServer(NetworkCredential, ExtendedProtectionPolicy, ProtectionLevel, TokenImpersonationLevel)

Called by servers to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified server credentials, authentication options, and extended protection policy.

AuthenticateAsServer(NetworkCredential, ProtectionLevel, TokenImpersonationLevel)

Called by servers to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified server credentials and authentication options.

AuthenticateAsServer()

Called by servers to authenticate the client, and optionally the server, in a client-server connection.

AuthenticateAsServer(ExtendedProtectionPolicy)

Called by servers to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified extended protection policy.

Remarks

These methods block while the authentication is in progress. To prevent the application from blocking while waiting for the authentication to complete, use the BeginAuthenticateAsServer method.

AuthenticateAsServer(NetworkCredential, ExtendedProtectionPolicy, ProtectionLevel, TokenImpersonationLevel)

Called by servers to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified server credentials, authentication options, and extended protection policy.

public:
 virtual void AuthenticateAsServer(System::Net::NetworkCredential ^ credential, System::Security::Authentication::ExtendedProtection::ExtendedProtectionPolicy ^ policy, System::Net::Security::ProtectionLevel requiredProtectionLevel, System::Security::Principal::TokenImpersonationLevel requiredImpersonationLevel);
public virtual void AuthenticateAsServer (System.Net.NetworkCredential credential, System.Security.Authentication.ExtendedProtection.ExtendedProtectionPolicy policy, System.Net.Security.ProtectionLevel requiredProtectionLevel, System.Security.Principal.TokenImpersonationLevel requiredImpersonationLevel);
abstract member AuthenticateAsServer : System.Net.NetworkCredential * System.Security.Authentication.ExtendedProtection.ExtendedProtectionPolicy * System.Net.Security.ProtectionLevel * System.Security.Principal.TokenImpersonationLevel -> unit
override this.AuthenticateAsServer : System.Net.NetworkCredential * System.Security.Authentication.ExtendedProtection.ExtendedProtectionPolicy * System.Net.Security.ProtectionLevel * System.Security.Principal.TokenImpersonationLevel -> unit
Public Overridable Sub AuthenticateAsServer (credential As NetworkCredential, policy As ExtendedProtectionPolicy, requiredProtectionLevel As ProtectionLevel, requiredImpersonationLevel As TokenImpersonationLevel)

Parameters

credential
NetworkCredential

The NetworkCredential that is used to establish the identity of the client.

policy
ExtendedProtectionPolicy

The ExtendedProtectionPolicy that is used for extended protection.

requiredProtectionLevel
ProtectionLevel

One of the ProtectionLevel values, indicating the security services for the stream.

requiredImpersonationLevel
TokenImpersonationLevel

One of the TokenImpersonationLevel values, indicating how the server can use the client's credentials to access resources.

Exceptions

The CustomChannelBinding and CustomServiceNames on the extended protection policy passed in the policy parameter are both null.

credential is null.

requiredImpersonationLevel must be Identification, Impersonation, or Delegation,

The authentication failed. You can use this object to try to r-authenticate.

The authentication failed. You can use this object to retry the authentication.

Authentication has already occurred.

-or-

This stream was used previously to attempt authentication as the client. You cannot use the stream to retry authentication as the server.

Windows 95 and Windows 98 are not supported.

This object has been closed.

The policy parameter was set to Always on a platform that does not support extended protection.

Remarks

If the policy parameter is null, then an extended protection policy is used that has PolicyEnforcement set to Never.

When authentication succeeds, you must check the IsEncrypted and IsSigned properties to determine what security services are used by the NegotiateStream. Check the IsMutuallyAuthenticated property to determine whether mutual authentication occurred.

This method blocks until the operation completes. To prevent blocking until the operation completes, use one of the BeginAuthenticateAsServer method overloads.

If the authentication fails, you receive an AuthenticationException or an InvalidCredentialException. In this case, you can retry the authentication with a different credential.

See also

AuthenticateAsServer(NetworkCredential, ProtectionLevel, TokenImpersonationLevel)

Called by servers to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified server credentials and authentication options.

public:
 virtual void AuthenticateAsServer(System::Net::NetworkCredential ^ credential, System::Net::Security::ProtectionLevel requiredProtectionLevel, System::Security::Principal::TokenImpersonationLevel requiredImpersonationLevel);
public virtual void AuthenticateAsServer (System.Net.NetworkCredential credential, System.Net.Security.ProtectionLevel requiredProtectionLevel, System.Security.Principal.TokenImpersonationLevel requiredImpersonationLevel);
abstract member AuthenticateAsServer : System.Net.NetworkCredential * System.Net.Security.ProtectionLevel * System.Security.Principal.TokenImpersonationLevel -> unit
override this.AuthenticateAsServer : System.Net.NetworkCredential * System.Net.Security.ProtectionLevel * System.Security.Principal.TokenImpersonationLevel -> unit
Public Overridable Sub AuthenticateAsServer (credential As NetworkCredential, requiredProtectionLevel As ProtectionLevel, requiredImpersonationLevel As TokenImpersonationLevel)

Parameters

credential
NetworkCredential

The NetworkCredential that is used to establish the identity of the server.

requiredProtectionLevel
ProtectionLevel

One of the ProtectionLevel values, indicating the security services for the stream.

requiredImpersonationLevel
TokenImpersonationLevel

One of the TokenImpersonationLevel values, indicating how the server can use the client's credentials to access resources.

Exceptions

credential is null.

requiredImpersonationLevel must be Identification, Impersonation, or Delegation,

The authentication failed. You can use this object to try to r-authenticate.

The authentication failed. You can use this object to retry the authentication.

This object has been closed.

Authentication has already occurred.

-or-

This stream was used previously to attempt authentication as the client. You cannot use the stream to retry authentication as the server.

Windows 95 and Windows 98 are not supported.

Remarks

When authentication succeeds, you must check the IsEncrypted and IsSigned properties to determine what security services are used by the NegotiateStream. Check the IsMutuallyAuthenticated property to determine whether mutual authentication occurred.

This method blocks until the operation completes. To prevent blocking until the operation completes, use one of the BeginAuthenticateAsServer method overloads.

If the authentication fails, you receive an AuthenticationException or an InvalidCredentialException. In this case, you can retry the authentication with a different credential.

Security

SecurityPermission
to use the explicit NetworkCredential. Associated enumeration: ControlPrincipal.

AuthenticateAsServer()

Called by servers to authenticate the client, and optionally the server, in a client-server connection.

public:
 virtual void AuthenticateAsServer();
public virtual void AuthenticateAsServer ();
abstract member AuthenticateAsServer : unit -> unit
override this.AuthenticateAsServer : unit -> unit
Public Overridable Sub AuthenticateAsServer ()

Exceptions

The authentication failed. You can use this object to retry the authentication.

The authentication failed. You can use this object to retry the authentication.

This object has been closed.

Windows 95 and Windows 98 are not supported.

Remarks

The authentication uses the server's DefaultCredentials. No Service Principal Name (SPN) is specified for the server. The impersonation level is Identification, and the security level is EncryptAndSign.

When authentication succeeds, you must check the IsEncrypted and IsSigned properties to determine what security services are used by the NegotiateStream. Check the IsMutuallyAuthenticated property to determine whether mutual authentication occurred.

This method blocks until the operation completes. To prevent blocking until the operation completes, use one of the BeginAuthenticateAsServer method overloads.

If the authentication fails, you receive an AuthenticationException or an InvalidCredentialException. In this case, you can retry the authentication with a different credential.

Security

SecurityPermission
to use the explicit NetworkCredential. Associated enumeration: ControlPrincipal.

AuthenticateAsServer(ExtendedProtectionPolicy)

Called by servers to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified extended protection policy.

public:
 virtual void AuthenticateAsServer(System::Security::Authentication::ExtendedProtection::ExtendedProtectionPolicy ^ policy);
public virtual void AuthenticateAsServer (System.Security.Authentication.ExtendedProtection.ExtendedProtectionPolicy policy);
abstract member AuthenticateAsServer : System.Security.Authentication.ExtendedProtection.ExtendedProtectionPolicy -> unit
override this.AuthenticateAsServer : System.Security.Authentication.ExtendedProtection.ExtendedProtectionPolicy -> unit
Public Overridable Sub AuthenticateAsServer (policy As ExtendedProtectionPolicy)

Parameters

policy
ExtendedProtectionPolicy

The ExtendedProtectionPolicy that is used for extended protection.

Exceptions

The CustomChannelBinding and CustomServiceNames on the extended protection policy passed in the policy parameter are both null.

The authentication failed. You can use this object to retry the authentication.

The authentication failed. You can use this object to retry the authentication.

Windows 95 and Windows 98 are not supported.

This object has been closed.

The policy parameter was set to Always on a platform that does not support extended protection.

Remarks

The authentication uses the server's DefaultCredentials. No Service Principal Name (SPN) is specified for the server. The impersonation level is Identification, and the security level is EncryptAndSign.

If the policy parameter is null, then an extended protection policy is used that has PolicyEnforcement set to Never.

When authentication succeeds, you must check the IsEncrypted and IsSigned properties to determine what security services are used by the NegotiateStream. Check the IsMutuallyAuthenticated property to determine whether mutual authentication occurred.

This method blocks until the operation completes. To prevent blocking until the operation completes, use one of the BeginAuthenticateAsServer method overloads.

If the authentication fails, you receive an AuthenticationException or an InvalidCredentialException. In this case, you can retry the authentication with a different credential.

See also

Applies to