NegotiateStream.BeginAuthenticateAsClient Method (AsyncCallback, Object)


Called by clients to begin an asynchronous operation to authenticate the client, and optionally the server, in a client-server connection. This method does not block.

Namespace:   System.Net.Security
Assembly:  System (in System.dll)

[HostProtectionAttribute(SecurityAction.LinkDemand, ExternalThreading = true)]
public virtual IAsyncResult BeginAuthenticateAsClient(
	AsyncCallback asyncCallback,
	object asyncState


Type: System.AsyncCallback

An AsyncCallback delegate that references the method to invoke when the authentication is complete.

Type: System.Object

A user-defined object containing information about the operation. This object is passed to the asyncCallback delegate when the operation completes.

Return Value

Type: System.IAsyncResult

An IAsyncResult object indicating the status of the asynchronous operation.

Exception Condition

The authentication failed. You can use this object to retry the authentication.


The authentication failed. You can use this object to retry the authentication.


This object has been closed.


Authentication has already occurred.

- or -

This stream was used previously to attempt authentication as the server. You cannot use the stream to retry authentication as the client.

The authentication uses the client's DefaultCredentials. No Service Principal Name (SPN) is specified for the server. The impersonation level is Identification, and the security level is EncryptAndSign. The NegotiateStream class will construct the SPN used for mutual authentication.

This method is asynchronous and does not block while the operation completes. To block until the operation completes, use one of the AuthenticateAsClient method overloads.

The asynchronous authentication operation must be completed by calling the EndAuthenticateAsClient method. Typically, the method is invoked by the asyncCallback delegate. For detailed information about using the asynchronous programming model, see Calling Synchronous Methods Asynchronously

If the authentication fails, you receive an AuthenticationException or an InvalidCredentialException. In this case, you can retry the authentication with a different credential.

The following code example demonstrates calling this method to begin an asynchronous authentication for the client.

// Establish the remote endpoint for the socket.
// For this example, use the local machine.
IPHostEntry ipHostInfo = Dns.GetHostEntry("localhost");
IPAddress ipAddress = ipHostInfo.AddressList[0];
// Client and server use port 11000. 
IPEndPoint remoteEP = new IPEndPoint(ipAddress, 11000);
// Create a TCP/IP socket.
client = new TcpClient();
// Connect the socket to the remote endpoint.
Console.WriteLine("Client connected to {0}.", remoteEP.ToString());
// Ensure the client does not close when there is 
// still data to be sent to the server.
client.LingerState = (new LingerOption(true, 0));
// Request authentication.
NetworkStream clientStream = client.GetStream();
NegotiateStream authStream = new NegotiateStream(clientStream, false); 
// Pass the NegotiateStream as the AsyncState object 
// so that it is available to the callback delegate.
IAsyncResult ar = authStream.BeginAuthenticateAsClient(
    new AsyncCallback(EndAuthenticateCallback),

.NET Framework
Available since 2.0
Return to top