3.2.4 Higher-Layer Triggered Events

The application server initiates NTLM authentication through the SSPI.

  • GSS_Accept_sec_context

    The server application calls GSS_Accept_sec_context() to establish a security context with the client. NTLM has no requirements on which flags are used and will simply honor what was requested by the application or protocol. For an example of such a protocol specification, see [MS-RPCE] section 3.3.1.5.2.2. The server application will send the CHALLENGE_MESSAGE (section 2.2.1.2) to the client application.

  • GSS_Wrap

    After the security context is established, the server application can call GSS_WrapEx() (section 3.4.6) to encrypt messages.

  • GSS_Unwrap

    Once the security context is established, the server application can call GSS_UnwrapEx() (section 3.4.7) to decrypt messages that were encrypted by GSS_WrapEx().

  • GSS_GetMIC

    Once the security context is established, the server application can call GSS_GetMICEx() (section 3.4.8) to sign messages, producing an NTLMSSP_MESSAGE_SIGNATURE structure whose fields are defined in section 2.2.2.9.

  • GSS_VerifyMIC

    Once the security context is established, the server application can call GSS_VerifyMICEx() (section 3.4.9) to verify a signature produced by GSS_GetMICEx().
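
The following sketch is an added example, not text or code from this specification. It shows the sign and verify pair described under GSS_GetMIC and GSS_VerifyMIC for one case only. Assumptions: extended session security is negotiated and key exchange is not (so the checksum is not RC4-encrypted), the signature is laid out as Version(4) | Checksum(8) | SeqNum(4) in little-endian order, the keys are constructed sample values, and `SignContext`, `get_mic` and `verify_mic` are hypothetical names.

```python
import hashlib
import hmac
import struct

SIG_VERSION = 1  # assumed value of the Version field in NTLMSSP_MESSAGE_SIGNATURE


def get_mic(signing_key: bytes, seq_num: int, message: bytes) -> bytes:
    """Return the 16-byte signature Version | HMAC_MD5(key, SeqNum || msg)[0..7] | SeqNum."""
    seq = struct.pack("<I", seq_num)
    checksum = hmac.new(signing_key, seq + message, hashlib.md5).digest()[:8]
    return struct.pack("<I", SIG_VERSION) + checksum + seq


def verify_mic(signing_key: bytes, expected_seq: int, message: bytes, signature: bytes) -> bool:
    """Reject wrong length, version or sequence number before comparing the MAC."""
    if len(signature) != 16:
        return False
    version, = struct.unpack_from("<I", signature, 0)
    seq, = struct.unpack_from("<I", signature, 12)
    if version != SIG_VERSION or seq != expected_seq:
        return False  # an out-of-order or replayed message fails here
    expected = get_mic(signing_key, expected_seq, message)
    return hmac.compare_digest(expected, signature)  # constant-time comparison


class SignContext:
    """One side of an established context: separate keys and counters per direction."""

    def __init__(self, send_key: bytes, recv_key: bytes):
        self.send_key, self.recv_key = send_key, recv_key
        self.send_seq = self.recv_seq = 0

    def sign(self, message: bytes) -> bytes:
        sig = get_mic(self.send_key, self.send_seq, message)
        self.send_seq += 1
        return sig

    def verify(self, message: bytes, signature: bytes) -> bool:
        ok = verify_mic(self.recv_key, self.recv_seq, message, signature)
        if ok:
            self.recv_seq += 1  # advance only on success
        return ok


if __name__ == "__main__":
    k_s2c, k_c2s = bytes(range(16)), bytes(range(16, 32))  # constructed sample keys
    server, client = SignContext(k_s2c, k_c2s), SignContext(k_c2s, k_s2c)
    sig = server.sign(b"hello")
    print(client.verify(b"hello", sig), client.verify(b"hello", sig))
```

The second `verify` call returns false because the receiver's expected sequence number has already advanced, which is how a replayed signed message is caught.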