Chapter 66. How to Add CIA to a Socket-Based App Using SSPI

VS.NET 2005 adds some very nice support for SSPI, making it almost trivial to establish an authenticated connection over a socket. Kerberizing a socket-based application has never been easier. The essence of this new support lies in a class called NegotiateStream (these details are based on Beta 1 of version 2.0 of the .NET Framework).

Remember, the goal of SSPI is to help add CIA support to a channel (Item 58), so it makes sense to use a stream-based programming model, where the steps are:

  1. Perform a handshake to complete an authenticated key exchange

  2. Read and write to the stream, which provides integrity protection and encryption

Here's what the class looks like:

 namespace System.Net.Security ...
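The two steps above, as an added example that is not from the book: a loopback client and server that complete the NegotiateStream handshake with encryption and signing required, then exchange one line. It uses the API as shipped in the released .NET Framework, which may differ from Beta 1, and assumes a Windows host; the port and the target SPN are constructed values.

```csharp
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Principal;
using System.Threading;
class NegotiateStreamDemo
{
    const int Port = 5150;                     // constructed port for this demo
    const string TargetSpn = "HOST/localhost"; // constructed SPN; use the server's real one
    static void Server(TcpListener listener)
    {
        using (TcpClient conn = listener.AcceptTcpClient())
        using (NegotiateStream ns = new NegotiateStream(conn.GetStream(), false))
        {
            // Step 1: handshake; throws unless the channel is signed and encrypted.
            ns.AuthenticateAsServer(CredentialCache.DefaultNetworkCredentials,
                ProtectionLevel.EncryptAndSign, TokenImpersonationLevel.Identification);
            Console.WriteLine("server: client is {0}", ns.RemoteIdentity.Name);
            // Step 2: plain stream reads; the stream verifies and decrypts.
            Console.WriteLine("server: got '{0}'", new StreamReader(ns).ReadLine());
        }
    }
    static void Main()
    {
        TcpListener listener = new TcpListener(IPAddress.Loopback, Port);
        listener.Start();
        Thread server = new Thread(() => Server(listener));
        server.Start();
        using (TcpClient client = new TcpClient())
        {
            client.Connect(IPAddress.Loopback, Port);
            using (NegotiateStream ns = new NegotiateStream(client.GetStream(), false))
            {
                // Step 1, client side: Identification lets the server learn who we
                // are without being able to impersonate us.
                ns.AuthenticateAsClient(CredentialCache.DefaultNetworkCredentials, TargetSpn,
                    ProtectionLevel.EncryptAndSign, TokenImpersonationLevel.Identification);
                // NTLM cannot authenticate the server, so expect false after a fallback.
                Console.WriteLine("client: mutual auth = {0}", ns.IsMutuallyAuthenticated);
                StreamWriter writer = new StreamWriter(ns);
                writer.WriteLine("hello over a protected channel");
                writer.Flush(); // Step 2: the write is signed and encrypted
            }
        }
        server.Join();
        listener.Stop();
    }
}
```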
