0 out of 3 rated this helpful - Rate this topic

Extended Error Information

Some security packages support extended error messages that allow the sides of a communication link to communicate any reasons for a failure. For example, the Kerberos protocol could fail because of a time discrepancy between the time of request for a Kerberos ticket and the ticket's time of issue. With information from returned extended error information, a client can resynchronize its clock and generate a new connection message.

A security package setting the SECPKG_FLAG_EXTENDED_ERROR flag in the fCapabilities member of a SecPkgInfo structure indicates that the security package supports extended error messages.

Client applications requiring extended error messages specify the ISC_REQ_EXTENDED_ERROR flag when calling the InitializeSecurityContext (General) function. Server applications requiring extended error messages set the ASC_REQ_EXTENDED_ERROR flag when calling AcceptSecurityContext (General).

Send comments about this topic to Microsoft

Build date: 1/2/2013

Did you find this helpful? Yes No

Not accurate

Not enough depth

Need more code examples

(1500 characters remaining)

Community Additions

ADD