ProtectionLevel Enum

Definition

Indicates the security services requested for an authenticated stream.

public enum class ProtectionLevel
public enum ProtectionLevel
type ProtectionLevel = 
Public Enum ProtectionLevel
Inheritance
ProtectionLevel

Fields

EncryptAndSign 2

Encrypt and sign data to help ensure the confidentiality and integrity of transmitted data.

None 0

Authentication only.

Sign 1

Sign data to help ensure the integrity of transmitted data.

Examples

The following code example demonstrates creating and using a client-side NegotiateStream.

#using <System.dll>

using namespace System;
using namespace System::Net;
using namespace System::Net::Security;
using namespace System::Net::Sockets;
using namespace System::Security::Principal;

static void DisplayStreamProperties( NegotiateStream^ stream )
{
   Console::WriteLine( L"Can read: {0}", stream->CanRead );
   Console::WriteLine( L"Can write: {0}", stream->CanWrite );
   Console::WriteLine( L"Can seek: {0}", stream->CanSeek );
   try
   {
      
      // If the underlying stream supports it, display the length.
      Console::WriteLine( L"Length: {0}", stream->Length );
   }
   catch ( NotSupportedException^ ) 
   {
      Console::WriteLine( L"Cannot get the length of the underlying stream." );
   }

   if ( stream->CanTimeout )
   {
      Console::WriteLine( L"Read time-out: {0}", stream->ReadTimeout );
      Console::WriteLine( L"Write time-out: {0}", stream->WriteTimeout );
   }
}


static void DisplayAuthenticationProperties( NegotiateStream^ stream )
{
   Console::WriteLine( L"IsAuthenticated: {0}", stream->IsAuthenticated );
   Console::WriteLine( L"IsMutuallyAuthenticated: {0}", stream->IsMutuallyAuthenticated );
   Console::WriteLine( L"IsEncrypted: {0}", stream->IsEncrypted );
   Console::WriteLine( L"IsSigned: {0}", stream->IsSigned );
   Console::WriteLine( L"ImpersonationLevel: {0}", stream->ImpersonationLevel );
   Console::WriteLine( L"IsServer: {0}", stream->IsServer );
}


int main()
{
   
   // Establish the remote endpoint for the socket.
   // For this example, use the local machine.
   IPHostEntry^ ipHostInfo = Dns::GetHostEntry( Dns::GetHostName() );
   IPAddress^ ipAddress = ipHostInfo->AddressList[ 0 ];
   
   // Client and server use port 11000. 
   IPEndPoint^ remoteEP = gcnew IPEndPoint( ipAddress,11000 );
   
   // Create a TCP/IP socket.
   TcpClient^ client = gcnew TcpClient;
   
   // Connect the socket to the remote endpoint.
   client->Connect( remoteEP );
   Console::WriteLine( L"Client connected to {0}.", remoteEP );
   
   // Ensure the client does not close when there is 
   // still data to be sent to the server.
   client->LingerState = (gcnew LingerOption( true,0 ));
   
   // Request authentication.
   NetworkStream^ clientStream = client->GetStream();
   NegotiateStream^ authStream = gcnew NegotiateStream( clientStream );
   
   // Request authentication for the client only (no mutual authentication).
   // Authenicate using the client's default credetials.
   // Permit the server to impersonate the client to access resources on the server only.
   // Request that data be transmitted using encryption and data signing.
   authStream->AuthenticateAsClient( dynamic_cast<NetworkCredential^>(CredentialCache::DefaultCredentials), 
          L"", 
          ProtectionLevel::EncryptAndSign, 
          TokenImpersonationLevel::Impersonation );
   
   DisplayAuthenticationProperties( authStream );
   DisplayStreamProperties( authStream );
   if ( authStream->CanWrite )
   {
      
      // Encode the test data into a byte array.
      array<Byte>^message = System::Text::Encoding::UTF8->GetBytes( L"Hello from the client." );
      authStream->Write( message, 0, message->Length );
      authStream->Flush();
      Console::WriteLine( L"Sent {0} bytes.", message->Length );
   }

   
   // Close the client connection.
   authStream->Close();
   Console::WriteLine( L"Client closed." );
}
using System;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Principal;

namespace Examples.NegotiateStreamExample
{
    public class SynchronousAuthenticatingTcpClient
    {
        public static void Main(String[] args)
        {
            // Establish the remote endpoint for the socket.
            // For this example, use the local machine.
            IPHostEntry ipHostInfo = Dns.GetHostEntry(Dns.GetHostName());
            IPAddress ipAddress = ipHostInfo.AddressList[0];
            // Client and server use port 11000.
            IPEndPoint remoteEP = new IPEndPoint(ipAddress,11000);
            // Create a TCP/IP socket.
           TcpClient client = new TcpClient();
            // Connect the socket to the remote endpoint.
            client.Connect(remoteEP);
            Console.WriteLine("Client connected to {0}.",
                remoteEP.ToString());
            // Ensure the client does not close when there is
            // still data to be sent to the server.
            client.LingerState = (new LingerOption(true,0));
            // Request authentication.
            NetworkStream clientStream = client.GetStream();
            NegotiateStream authStream = new NegotiateStream(clientStream);
            // Request authentication for the client only (no mutual authentication).
            // Authenicate using the client's default credetials.
            // Permit the server to impersonate the client to access resources on the server only.
            // Request that data be transmitted using encryption and data signing.
            authStream.AuthenticateAsClient(
                 (NetworkCredential) CredentialCache.DefaultCredentials,
                 "",
                 ProtectionLevel.EncryptAndSign,
                 TokenImpersonationLevel.Impersonation);
            DisplayAuthenticationProperties(authStream);
            DisplayStreamProperties(authStream);
            if (authStream.CanWrite)
            {
                 // Encode the test data into a byte array.
                byte[] message = System.Text.Encoding.UTF8.GetBytes("Hello from the client.");
                authStream.Write(message, 0, message.Length);
                authStream.Flush();
                Console.WriteLine("Sent {0} bytes.", message.Length);
            }
            // Close the client connection.
            authStream.Close();
            Console.WriteLine("Client closed.");
    }
         static void DisplayStreamProperties(NegotiateStream stream)
        {
             Console.WriteLine("Can read: {0}", stream.CanRead);
             Console.WriteLine("Can write: {0}", stream.CanWrite);
             Console.WriteLine("Can seek: {0}", stream.CanSeek);
             try
             {
                 // If the underlying stream supports it, display the length.
                 Console.WriteLine("Length: {0}", stream.Length);
             } catch (NotSupportedException)
             {
                     Console.WriteLine("Cannot get the length of the underlying stream.");
             }

             if (stream.CanTimeout)
             {
                 Console.WriteLine("Read time-out: {0}", stream.ReadTimeout);
                 Console.WriteLine("Write time-out: {0}", stream.WriteTimeout);
             }
        }
         static void DisplayAuthenticationProperties(NegotiateStream stream)
        {
             Console.WriteLine("IsAuthenticated: {0}", stream.IsAuthenticated);
            Console.WriteLine("IsMutuallyAuthenticated: {0}", stream.IsMutuallyAuthenticated);
            Console.WriteLine("IsEncrypted: {0}", stream.IsEncrypted);
            Console.WriteLine("IsSigned: {0}", stream.IsSigned);
            Console.WriteLine("ImpersonationLevel: {0}", stream.ImpersonationLevel);
            Console.WriteLine("IsServer: {0}", stream.IsServer);
        }
    }
}

Remarks

This enumeration is used by the NegotiateStream class.

Applies to