The security binding subtype for specifying the use of the Windows Integrated Authentication protocol (such as Kerberos, NTLM or SPNEGO) with the named pipe transport. A specific SSP package may be chosen using the security binding property WS_SECURITY_BINDING_PROPERTY_WINDOWS_INTEGRATED_AUTH_PACKAGE; if that property is not specified, SPNEGO is used by default.

This security binding operates at the transport security level and is supported only with the WS_NAMEDPIPE_CHANNEL_BINDING. The NamedPipe/Windows SSPI combination uses the wire form defined by the NegotiateStream protocol and the .Net Message Framing specification.

On the client side, the security identity of the target server is specified using the identity field of the WS_ENDPOINT_ADDRESS parameter supplied during WsOpenChannel.

The named pipe binding supports only this one transport security binding and does not support any message security bindings.

With this security binding, the following security binding properties may be specified:

This type derives from the base type WS_SECURITY_BINDING. For an instance of this type, the type selector field bindingType must have the value WS_NAMEDPIPE_SSPI_TRANSPORT_SECURITY_BINDING_TYPE.


  WS_SECURITY_BINDING                   binding;



The base type from which this security binding subtype and all other security binding subtypes derive.


The WS_WINDOWS_INTEGRATED_AUTH_CREDENTIAL structure to be used to authenticate the client. This is required on the client and must not be specified on the server.


Minimum supported client Windows 8 [desktop apps only]
Minimum supported server Windows Server 2012 [desktop apps only]
Header webservices.h