I am trying to set up a windows SSPI program to read authenticate the current user (https://learn.microsoft.com/en-us/windows/win32/api/sspi/nf-sspi-acquirecredentialshandlea).
Strangely it is not working and giving me an error.
//ERROR DETAILS
// MessageId: SEC_E_INVALID_TOKEN
//
// MessageText:
//
// The token supplied to the function is invalid
//
#define SEC_E_INVALID_TOKEN HRESULT_TYPEDEF(0x80090308L)
The code I came up with is as follows.
// Create an SSPI credential.
Status = g_pSSPI->AcquireCredentialsHandleA(
pN, // Name of principal
ppPackageInfo[2].Name,//sec_package_name.c_str,
SECPKG_CRED_OUTBOUND, // Flags indicating use
NULL, // Pointer to logon ID
cred_ptr, // Package specific data
NULL, // Pointer to GetKey() func
NULL, // Value to pass to GetKey()
phCreds, // (out) Cred Handle
&tsExpiry // (out) Lifetime (optional)
);
I am failing to understand how to give the details of the credentials here. I want to use kerberos here.
The cred_ptr is suppose to be a pointer to https://learn.microsoft.com/en-us/windows/win32/api/credssp/ns-credssp-credssp_cred But the MSDN just says
pSpnegoCred
A pointer to a set of Negotiate credentials.
How do I exactly fill it in?? Does anyone have a better understanding of this?
Thank you for your time.
If using the kerberos provider you pass a SEC_WINNT_AUTH_IDENTITY, not a CREDSSP_CRED.
Take a look at AcquireCredentialsHandle (Kerberos), the page you were looking at is for the CredSSP but does not make that clear.