NegotiateStream Class

NegotiateStream Class

 

Provides a stream that uses the Negotiate security protocol to authenticate the client, and optionally the server, in client-server communication.

Namespace:   System.Net.Security
Assembly:  System (in System.dll)

System::Object
  System::MarshalByRefObject
    System.IO::Stream
      System.Net.Security::AuthenticatedStream
        System.Net.Security::NegotiateStream

public ref class NegotiateStream : AuthenticatedStream

NameDescription
System_CAPS_pubmethodNegotiateStream(Stream^)

Initializes a new instance of the NegotiateStream class using the specified Stream.

System_CAPS_pubmethodNegotiateStream(Stream^, Boolean)

Initializes a new instance of the NegotiateStream class using the specified Stream and stream closure behavior.

NameDescription
System_CAPS_pubpropertyCanRead

Gets a Boolean value that indicates whether the underlying stream is readable.(Overrides Stream::CanRead.)

System_CAPS_pubpropertyCanSeek

Gets a Boolean value that indicates whether the underlying stream is seekable.(Overrides Stream::CanSeek.)

System_CAPS_pubpropertyCanTimeout

Gets a Boolean value that indicates whether the underlying stream supports time-outs.(Overrides Stream::CanTimeout.)

System_CAPS_pubpropertyCanWrite

Gets a Boolean value that indicates whether the underlying stream is writable.(Overrides Stream::CanWrite.)

System_CAPS_pubpropertyImpersonationLevel

Gets a value that indicates how the server can use the client's credentials.

System_CAPS_protpropertyInnerStream

Gets the stream used by this AuthenticatedStream for sending and receiving data.(Inherited from AuthenticatedStream.)

System_CAPS_pubpropertyIsAuthenticated

Gets a Boolean value that indicates whether authentication was successful.(Overrides AuthenticatedStream::IsAuthenticated.)

System_CAPS_pubpropertyIsEncrypted

Gets a Boolean value that indicates whether this NegotiateStream uses data encryption.(Overrides AuthenticatedStream::IsEncrypted.)

System_CAPS_pubpropertyIsMutuallyAuthenticated

Gets a Boolean value that indicates whether both the server and the client have been authenticated.(Overrides AuthenticatedStream::IsMutuallyAuthenticated.)

System_CAPS_pubpropertyIsServer

Gets a Boolean value that indicates whether the local side of the connection used by this NegotiateStream was authenticated as the server.(Overrides AuthenticatedStream::IsServer.)

System_CAPS_pubpropertyIsSigned

Gets a Boolean value that indicates whether the data sent using this stream is signed.(Overrides AuthenticatedStream::IsSigned.)

System_CAPS_pubpropertyLeaveInnerStreamOpen

Gets whether the stream used by this AuthenticatedStream for sending and receiving data has been left open.(Inherited from AuthenticatedStream.)

System_CAPS_pubpropertyLength

Gets the length of the underlying stream.(Overrides Stream::Length.)

System_CAPS_pubpropertyPosition

Gets or sets the current position in the underlying stream.(Overrides Stream::Position.)

System_CAPS_pubpropertyReadTimeout

Gets or sets the amount of time a read operation blocks waiting for data.(Overrides Stream::ReadTimeout.)

System_CAPS_pubpropertyRemoteIdentity

Gets information about the identity of the remote party sharing this authenticated stream.

System_CAPS_pubpropertyWriteTimeout

Gets or sets the amount of time a write operation blocks waiting for data.(Overrides Stream::WriteTimeout.)

NameDescription
System_CAPS_pubmethodAuthenticateAsClient()

Called by clients to authenticate the client, and optionally the server, in a client-server connection.

System_CAPS_pubmethodAuthenticateAsClient(NetworkCredential^, ChannelBinding^, String^)

Called by clients to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified client credential and the channel binding.

System_CAPS_pubmethodAuthenticateAsClient(NetworkCredential^, ChannelBinding^, String^, ProtectionLevel, TokenImpersonationLevel)

Called by clients to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified credential, authentication options, and channel binding.

System_CAPS_pubmethodAuthenticateAsClient(NetworkCredential^, String^)

Called by clients to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified client credential.

System_CAPS_pubmethodAuthenticateAsClient(NetworkCredential^, String^, ProtectionLevel, TokenImpersonationLevel)

Called by clients to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified credentials and authentication options.

System_CAPS_pubmethodAuthenticateAsClientAsync()

Called by clients to authenticate the client, and optionally the server, in a client-server connection as an asynchronous operation.

System_CAPS_pubmethodAuthenticateAsClientAsync(NetworkCredential^, ChannelBinding^, String^)

Called by clients to authenticate the client, and optionally the server, in a client-server connection as an asynchronous operation. The authentication process uses the specified client credential and the channel binding.

System_CAPS_pubmethodAuthenticateAsClientAsync(NetworkCredential^, ChannelBinding^, String^, ProtectionLevel, TokenImpersonationLevel)

Called by clients to authenticate the client, and optionally the server, in a client-server connection as an asynchronous operation. The authentication process uses the specified credential, authentication options, and channel binding.

System_CAPS_pubmethodAuthenticateAsClientAsync(NetworkCredential^, String^)

Called by clients to authenticate the client, and optionally the server, in a client-server connection as an asynchronous operation. The authentication process uses the specified client credential.

System_CAPS_pubmethodAuthenticateAsClientAsync(NetworkCredential^, String^, ProtectionLevel, TokenImpersonationLevel)

Called by clients to authenticate the client, and optionally the server, in a client-server connection as an asynchronous operation. The authentication process uses the specified credentials and authentication options.

System_CAPS_pubmethodAuthenticateAsServer()

Called by servers to authenticate the client, and optionally the server, in a client-server connection.

System_CAPS_pubmethodAuthenticateAsServer(ExtendedProtectionPolicy^)

Called by servers to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified extended protection policy.

System_CAPS_pubmethodAuthenticateAsServer(NetworkCredential^, ExtendedProtectionPolicy^, ProtectionLevel, TokenImpersonationLevel)

Called by servers to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified server credentials, authentication options, and extended protection policy.

System_CAPS_pubmethodAuthenticateAsServer(NetworkCredential^, ProtectionLevel, TokenImpersonationLevel)

Called by servers to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified server credentials and authentication options.

System_CAPS_pubmethodAuthenticateAsServerAsync()

Called by servers to authenticate the client, and optionally the server, in a client-server connection as an asynchronous operation.

System_CAPS_pubmethodAuthenticateAsServerAsync(ExtendedProtectionPolicy^)

Called by servers to authenticate the client, and optionally the server, in a client-server connection as an asynchronous operation. The authentication process uses the specified extended protection policy.

System_CAPS_pubmethodAuthenticateAsServerAsync(NetworkCredential^, ExtendedProtectionPolicy^, ProtectionLevel, TokenImpersonationLevel)

Called by servers to authenticate the client, and optionally the server, in a client-server connection as an asynchronous operation. The authentication process uses the specified server credentials, authentication options, and extended protection policy.

System_CAPS_pubmethodAuthenticateAsServerAsync(NetworkCredential^, ProtectionLevel, TokenImpersonationLevel)

Called by servers to authenticate the client, and optionally the server, in a client-server connection as an asynchronous operation. The authentication process uses the specified server credentials and authentication options.

System_CAPS_pubmethodBeginAuthenticateAsClient(AsyncCallback^, Object^)

Called by clients to begin an asynchronous operation to authenticate the client, and optionally the server, in a client-server connection. This method does not block.

System_CAPS_pubmethodBeginAuthenticateAsClient(NetworkCredential^, ChannelBinding^, String^, AsyncCallback^, Object^)

Called by clients to begin an asynchronous operation to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified credentials and channel binding. This method does not block.

System_CAPS_pubmethodBeginAuthenticateAsClient(NetworkCredential^, ChannelBinding^, String^, ProtectionLevel, TokenImpersonationLevel, AsyncCallback^, Object^)

Called by clients to begin an asynchronous operation to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified credentials, authentication options, and channel binding. This method does not block.

System_CAPS_pubmethodBeginAuthenticateAsClient(NetworkCredential^, String^, AsyncCallback^, Object^)

Called by clients to begin an asynchronous operation to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified credentials. This method does not block.

System_CAPS_pubmethodBeginAuthenticateAsClient(NetworkCredential^, String^, ProtectionLevel, TokenImpersonationLevel, AsyncCallback^, Object^)

Called by clients to begin an asynchronous operation to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified credentials and authentication options. This method does not block.

System_CAPS_pubmethodBeginAuthenticateAsServer(AsyncCallback^, Object^)

Called by servers to begin an asynchronous operation to authenticate the client, and optionally the server, in a client-server connection. This method does not block.

System_CAPS_pubmethodBeginAuthenticateAsServer(ExtendedProtectionPolicy^, AsyncCallback^, Object^)

Called by servers to begin an asynchronous operation to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified extended protection policy. This method does not block.

System_CAPS_pubmethodBeginAuthenticateAsServer(NetworkCredential^, ExtendedProtectionPolicy^, ProtectionLevel, TokenImpersonationLevel, AsyncCallback^, Object^)

Called by servers to begin an asynchronous operation to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified server credentials, authentication options, and extended protection policy. This method does not block.

System_CAPS_pubmethodBeginAuthenticateAsServer(NetworkCredential^, ProtectionLevel, TokenImpersonationLevel, AsyncCallback^, Object^)

Called by servers to begin an asynchronous operation to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified server credentials and authentication options. This method does not block.

System_CAPS_pubmethodBeginRead(array<Byte>^, Int32, Int32, AsyncCallback^, Object^)

Begins an asynchronous read operation that reads data from the stream and stores it in the specified array. (Overrides Stream::BeginRead(array<Byte>^, Int32, Int32, AsyncCallback^, Object^).)

System_CAPS_pubmethodBeginWrite(array<Byte>^, Int32, Int32, AsyncCallback^, Object^)

Begins an asynchronous write operation that writes Bytes from the specified buffer to the stream.(Overrides Stream::BeginWrite(array<Byte>^, Int32, Int32, AsyncCallback^, Object^).)

System_CAPS_pubmethodClose()

Closes the current stream and releases any resources (such as sockets and file handles) associated with the current stream. Instead of calling this method, ensure that the stream is properly disposed.(Inherited from Stream.)

System_CAPS_pubmethodCopyTo(Stream^)

Reads the bytes from the current stream and writes them to another stream.(Inherited from Stream.)

System_CAPS_pubmethodCopyTo(Stream^, Int32)

Reads the bytes from the current stream and writes them to another stream, using a specified buffer size.(Inherited from Stream.)

System_CAPS_pubmethodCopyToAsync(Stream^)

Asynchronously reads the bytes from the current stream and writes them to another stream.(Inherited from Stream.)

System_CAPS_pubmethodCopyToAsync(Stream^, Int32)

Asynchronously reads the bytes from the current stream and writes them to another stream, using a specified buffer size.(Inherited from Stream.)

System_CAPS_pubmethodCopyToAsync(Stream^, Int32, CancellationToken)

Asynchronously reads the bytes from the current stream and writes them to another stream, using a specified buffer size and cancellation token.(Inherited from Stream.)

System_CAPS_pubmethodCreateObjRef(Type^)

Creates an object that contains all the relevant information required to generate a proxy used to communicate with a remote object.(Inherited from MarshalByRefObject.)

System_CAPS_protmethodCreateWaitHandle()

Obsolete.Allocates a WaitHandle object.(Inherited from Stream.)

System_CAPS_pubmethodDispose()

Releases all resources used by the Stream.(Inherited from Stream.)

System_CAPS_protmethodDispose(Boolean)

Releases the unmanaged resources used by the NegotiateStream and optionally releases the managed resources. (Overrides AuthenticatedStream::Dispose(Boolean).)

System_CAPS_pubmethodEndAuthenticateAsClient(IAsyncResult^)

Ends a pending asynchronous client authentication operation that was started with a call to BeginAuthenticateAsClient.

System_CAPS_pubmethodEndAuthenticateAsServer(IAsyncResult^)

Ends a pending asynchronous client authentication operation that was started with a call to BeginAuthenticateAsServer.

System_CAPS_pubmethodEndRead(IAsyncResult^)

Ends an asynchronous read operation that was started with a call to BeginRead.(Overrides Stream::EndRead(IAsyncResult^).)

System_CAPS_pubmethodEndWrite(IAsyncResult^)

Ends an asynchronous write operation that was started with a call to BeginWrite.(Overrides Stream::EndWrite(IAsyncResult^).)

System_CAPS_pubmethodEquals(Object^)

Determines whether the specified object is equal to the current object.(Inherited from Object.)

System_CAPS_protmethodFinalize()

Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection.(Inherited from Object.)

System_CAPS_pubmethodFlush()

Causes any buffered data to be written to the underlying device.(Overrides Stream::Flush().)

System_CAPS_pubmethodFlushAsync()

Asynchronously clears all buffers for this stream and causes any buffered data to be written to the underlying device.(Inherited from Stream.)

System_CAPS_pubmethodFlushAsync(CancellationToken)

Asynchronously clears all buffers for this stream, causes any buffered data to be written to the underlying device, and monitors cancellation requests.(Inherited from Stream.)

System_CAPS_pubmethodGetHashCode()

Serves as the default hash function. (Inherited from Object.)

System_CAPS_pubmethodGetLifetimeService()

Retrieves the current lifetime service object that controls the lifetime policy for this instance.(Inherited from MarshalByRefObject.)

System_CAPS_pubmethodGetType()

Gets the Type of the current instance.(Inherited from Object.)

System_CAPS_pubmethodInitializeLifetimeService()

Obtains a lifetime service object to control the lifetime policy for this instance.(Inherited from MarshalByRefObject.)

System_CAPS_protmethodMemberwiseClone()

Creates a shallow copy of the current Object.(Inherited from Object.)

System_CAPS_protmethodMemberwiseClone(Boolean)

Creates a shallow copy of the current MarshalByRefObject object.(Inherited from MarshalByRefObject.)

System_CAPS_protmethodObjectInvariant()

Obsolete. This API supports the product infrastructure and is not intended to be used directly from your code. Provides support for a Contract.(Inherited from Stream.)

System_CAPS_pubmethodRead(array<Byte>^, Int32, Int32)

Reads data from this stream and stores it in the specified array.(Overrides Stream::Read(array<Byte>^, Int32, Int32).)

System_CAPS_pubmethodReadAsync(array<Byte>^, Int32, Int32)

Asynchronously reads a sequence of bytes from the current stream and advances the position within the stream by the number of bytes read.(Inherited from Stream.)

System_CAPS_pubmethodReadAsync(array<Byte>^, Int32, Int32, CancellationToken)

Asynchronously reads a sequence of bytes from the current stream, advances the position within the stream by the number of bytes read, and monitors cancellation requests.(Inherited from Stream.)

System_CAPS_pubmethodReadByte()

Reads a byte from the stream and advances the position within the stream by one byte, or returns -1 if at the end of the stream.(Inherited from Stream.)

System_CAPS_pubmethodSeek(Int64, SeekOrigin)
System_CAPS_pubmethodSetLength(Int64)

Sets the length of the underlying stream.(Overrides Stream::SetLength(Int64).)

System_CAPS_pubmethodToString()

Returns a string that represents the current object.(Inherited from Object.)

System_CAPS_pubmethodWrite(array<Byte>^, Int32, Int32)

Write the specified number of Bytes to the underlying stream using the specified buffer and offset.(Overrides Stream::Write(array<Byte>^, Int32, Int32).)

System_CAPS_pubmethodWriteAsync(array<Byte>^, Int32, Int32)

Asynchronously writes a sequence of bytes to the current stream and advances the current position within this stream by the number of bytes written.(Inherited from Stream.)

System_CAPS_pubmethodWriteAsync(array<Byte>^, Int32, Int32, CancellationToken)

Asynchronously writes a sequence of bytes to the current stream, advances the current position within this stream by the number of bytes written, and monitors cancellation requests.(Inherited from Stream.)

System_CAPS_pubmethodWriteByte(Byte)

Writes a byte to the current position in the stream and advances the position within the stream by one byte.(Inherited from Stream.)

Use the NegotiateStream class for authentication and to help secure information transmitted between a client and a server. Using NegotiateStream, you can do the following.

  • Send the client's credentials to the server for Impersonation or Delegation.

  • Request server authentication.

  • Encrypt and/or sign data before transmitting it.

Authentication must be performed before transmitting information. Clients request authentication using the synchronous AuthenticateAsClient methods, which block until the authentication completes, or the asynchronous BeginAuthenticateAsClient methods, which do not block while waiting for the authentication to complete. Servers request authentication using the synchronous AuthenticateAsServer or asynchronous BeginAuthenticateAsServer methods. The client, and optionally the server, is authenticated using the Negotiate security protocol. On Windows 95/98 systems, Windows NT LAN Manager (NTLM) is the protocol used for authentication. On other platforms the Kerberos protocol is used for authentication if both client and server support it; otherwise NTLM is used. For detailed descriptions of these protocols, see the Platform SDK documentation on MSDN, at msdn.microsoft.com/library/. The NegotiateStream class performs the authentication using the Security Support Provider Interface (SSPI).

When authentication succeeds, you must check the IsEncrypted and IsSigned properties to determine what security services will be used by the NegotiateStream to help secure your data during transmission. Check the IsMutuallyAuthenticated property to determine whether mutual authentication occurred. You can get information about the remote client or server using the RemoteIdentity property.

If the authentication fails, you will receive an AuthenticationException or a InvalidCredentialException. In this case, you can retry the authentication with a different credential.

You send data using the synchronous Write or asynchronous BeginWrite methods. You receive data using the synchronous Read or asynchronous BeginRead methods. If security services such as encryption or signing are enabled, these are automatically applied to your data by the NegotiateStream.

The NegotiateStream transmits data using a stream that you supply when creating the NegotiateStream. When you supply this underlying stream, you have the option to specify whether closing the NegotiateStream also closes the underlying stream.

The following code example demonstrates the client side of a client-server connection that uses the NegotiateStream. The client authenticates and sends a message to the server asynchronously.

#using <System.dll>

using namespace System;
using namespace System::Net;
using namespace System::Net::Security;
using namespace System::Net::Sockets;
using namespace System::Text;

// The following class displays the properties of an authenticatedStream.
public ref class AuthenticatedStreamReporter
{
public:
   static void DisplayProperties( AuthenticatedStream^ stream )
   {
      Console::WriteLine( L"IsAuthenticated: {0}", stream->IsAuthenticated );
      Console::WriteLine( L"IsMutuallyAuthenticated: {0}", stream->IsMutuallyAuthenticated );
      Console::WriteLine( L"IsEncrypted: {0}", stream->IsEncrypted );
      Console::WriteLine( L"IsSigned: {0}", stream->IsSigned );
      Console::WriteLine( L"IsServer: {0}", stream->IsServer );
   }

};


public ref class ASynchronousAuthenticatingTcpClient
{
private:
   static TcpClient^ client = nullptr;

public:
   void Main()
   {

      // Establish the remote endpoint for the socket.
      // For this example, use the local machine.
      IPHostEntry^ ipHostInfo = Dns::GetHostEntry( Dns::GetHostName() );
      IPAddress^ ipAddress = ipHostInfo->AddressList[ 0 ];

      // Client and server use port 11000. 
      IPEndPoint^ remoteEP = gcnew IPEndPoint( ipAddress,11000 );

      // Create a TCP/IP socket.
      client = gcnew TcpClient;

      // Connect the socket to the remote endpoint.
      client->Connect( remoteEP );
      Console::WriteLine( L"Client connected to {0}.", remoteEP );

      // Ensure the client does not close when there is 
      // still data to be sent to the server.
      client->LingerState = (gcnew LingerOption( true,0 ));

      // Request authentication.
      NetworkStream^ clientStream = client->GetStream();
      NegotiateStream^ authStream = gcnew NegotiateStream( clientStream,false );

      // Pass the NegotiateStream as the AsyncState object 
      // so that it is available to the callback delegate.
      IAsyncResult^ ar = authStream->BeginAuthenticateAsClient( gcnew AsyncCallback( EndAuthenticateCallback ), authStream );

      Console::WriteLine( L"Client waiting for authentication..." );

      // Wait until the result is available.
      ar->AsyncWaitHandle->WaitOne();

      // Display the properties of the authenticated stream.
      AuthenticatedStreamReporter::DisplayProperties( authStream );

      // Send a message to the server.
      // Encode the test data into a byte array.
      array<Byte>^message = Encoding::UTF8->GetBytes( L"Hello from the client." );
      ar = authStream->BeginWrite( message, 0, message->Length, gcnew AsyncCallback( EndWriteCallback ), authStream );

      ar->AsyncWaitHandle->WaitOne();
      Console::WriteLine( L"Sent {0} bytes.", message->Length );

      // Close the client connection.
      authStream->Close();
      Console::WriteLine( L"Client closed." );
   }


   // The following method is called when the authentication completes.
   static void EndAuthenticateCallback( IAsyncResult^ ar )
   {
      Console::WriteLine( L"Client ending authentication..." );
      NegotiateStream^ authStream = dynamic_cast<NegotiateStream^>(ar->AsyncState);

      // End the asynchronous operation.
      authStream->EndAuthenticateAsClient( ar );

      //         Console.WriteLine("AllowedImpersonation: {0}", authStream.AllowedImpersonation);
   }


   // The following method is called when the write operation completes.
   static void EndWriteCallback( IAsyncResult^ ar )
   {
      Console::WriteLine( L"Client ending write operation..." );
      NegotiateStream^ authStream = dynamic_cast<NegotiateStream^>(ar->AsyncState);

      // End the asynchronous operation.
      authStream->EndWrite( ar );
   }

};

void main()
{
   ASynchronousAuthenticatingTcpClient^ aatc = gcnew ASynchronousAuthenticatingTcpClient;
   aatc->Main();
}

The following code example demonstrates the server side of a client-server connection that uses the NegotiateStream to authenticate the client and read a message sent by the client.

#using <System.dll>

using namespace System;
using namespace System::Net;
using namespace System::Net::Security;
using namespace System::Net::Sockets;
using namespace System::Security::Authentication;
using namespace System::Security::Principal;
using namespace System::Text;
using namespace System::IO;
using namespace System::Threading;

// ClientState is the AsyncState object.
private ref class ClientState
{
private:
   AuthenticatedStream^ authStream;
   TcpClient^ client;
   array<Byte>^buffer;
   StringBuilder^ message;
   ManualResetEvent^ waiter;

internal:
   ClientState( AuthenticatedStream^ a, TcpClient^ theClient )
   {
      authStream = a;
      client = theClient;
      message = nullptr;
      buffer = gcnew array<Byte>(2048);
      waiter = gcnew ManualResetEvent( false );
   }

internal:
   property TcpClient^ Client 
   {
      TcpClient^ get()
      {
         return client;
      }
   }

   property AuthenticatedStream^ AuthStream 
   {
      AuthenticatedStream^ get()
      {
         return authStream;
      }
  }

   property array<Byte>^ Buffer 
   {
      array<Byte>^ get()
      {
         return buffer;
      }

   }

   property StringBuilder^ Message 
   {
      StringBuilder^ get()
      {
         if ( message == nullptr )
                  message = gcnew StringBuilder;

         return message;
      }

   }

   property ManualResetEvent^ Waiter 
   {
      ManualResetEvent^ get()
      {
         return waiter;
      }

   }

};

public ref class AsynchronousAuthenticatingTcpListener
{
public:
   int Main()
   {

      // Create an IPv4 TCP/IP socket. 
      TcpListener^ listener = gcnew TcpListener( IPAddress::Any,11000 );

      // Listen for incoming connections.
      listener->Start();
      while ( true )
      {
         TcpClient^ clientRequest = nullptr;

         // Application blocks while waiting for an incoming connection.
         // Type CNTL-C to terminate the server.
         clientRequest = listener->AcceptTcpClient();
         Console::WriteLine( L"Client connected." );

         // A client has connected. 
         try
         {
            AuthenticateClient( clientRequest );
         }
         catch ( Exception^ e ) 
         {
            Console::WriteLine( e );
            continue;
         }

      }
   }


   static void AuthenticateClient( TcpClient^ clientRequest )
   {
      NetworkStream^ stream = clientRequest->GetStream();

      // Create the NegotiateStream.
      NegotiateStream^ authStream = gcnew NegotiateStream( stream,false );

      // Save the current client and NegotiateStream instance 
      // in a ClientState object.
      ClientState^ cState = gcnew ClientState( authStream,clientRequest );

      // Listen for the client authentication request.
      authStream->BeginAuthenticateAsServer( gcnew AsyncCallback( EndAuthenticateCallback ), cState );

      // Wait until the authentication completes.
      cState->Waiter->WaitOne();
      cState->Waiter->Reset();
      authStream->BeginRead( cState->Buffer, 0, cState->Buffer->Length, gcnew AsyncCallback( EndReadCallback ), cState );
      cState->Waiter->WaitOne();

      // Finished with the current client.
      authStream->Close();
      clientRequest->Close();
   }


   // The following method is invoked by the
   // BeginServerAuthenticate callback delegate.
   static void EndAuthenticateCallback( IAsyncResult^ ar )
   {

      // Get the saved data.
      ClientState^ cState = dynamic_cast<ClientState^>(ar->AsyncState);
      TcpClient^ clientRequest = cState->Client;
      NegotiateStream^ authStream = dynamic_cast<NegotiateStream^>(cState->AuthStream);
      Console::WriteLine( L"Ending authentication." );

      // Any exceptions that occurred during authentication are
      // thrown by the EndServerAuthenticate method.
      try
      {

         // This call blocks until the authentication is complete.
         authStream->EndAuthenticateAsServer( ar );
      }
      catch ( AuthenticationException^ e ) 
      {
         Console::WriteLine( e );
         Console::WriteLine( L"Authentication failed - closing connection." );
         cState->Waiter->Set();
         return;
      }
      catch ( Exception^ e ) 
      {
         Console::WriteLine( e );
         Console::WriteLine( L"Closing connection." );
         cState->Waiter->Set();
         return;
      }


      // Display properties of the authenticated client.
      IIdentity^ id = authStream->RemoteIdentity;
      Console::WriteLine( L"{0} was authenticated using {1}.", id->Name, id->AuthenticationType );
      cState->Waiter->Set();
   }


   static void EndReadCallback( IAsyncResult^ ar )
   {

      // Get the saved data.
      ClientState^ cState = dynamic_cast<ClientState^>(ar->AsyncState);
      TcpClient^ clientRequest = cState->Client;
      NegotiateStream^ authStream = dynamic_cast<NegotiateStream^>(cState->AuthStream);

      // Get the buffer that stores the message sent by the client.
      int bytes = -1;

      // Read the client message.
      try
      {
         bytes = authStream->EndRead( ar );
         cState->Message->Append( Encoding::UTF8->GetChars( cState->Buffer, 0, bytes ) );
         if ( bytes != 0 )
         {
            authStream->BeginRead( cState->Buffer, 0, cState->Buffer->Length, gcnew AsyncCallback( EndReadCallback ), cState );
            return;
         }
      }
      catch ( Exception^ e ) 
      {

         // A real application should do something
         // useful here, such as logging the failure.
         Console::WriteLine( L"Client message exception:" );
         Console::WriteLine( e );
         cState->Waiter->Set();
         return;
      }

      IIdentity^ id = authStream->RemoteIdentity;
      Console::WriteLine( L"{0} says {1}", id->Name, cState->Message );
      cState->Waiter->Set();
   }

};

void main()
{
   AsynchronousAuthenticatingTcpListener^ aatl = gcnew AsynchronousAuthenticatingTcpListener;
   aatl->Main();
}

Universal Windows Platform
Available since 10
.NET Framework
Available since 2.0

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Return to top
Show:
© 2016 Microsoft