NegotiateStream.AuthenticateAsClient Method

Definition

Called by clients to authenticate the client, and optionally the server, in a client-server connection.

Overloads

AuthenticateAsClient()

Called by clients to authenticate the client, and optionally the server, in a client-server connection.

AuthenticateAsClient(NetworkCredential, String)

Called by clients to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified client credential.

AuthenticateAsClient(NetworkCredential, ChannelBinding, String)

Called by clients to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified client credential and the channel binding.

AuthenticateAsClient(NetworkCredential, String, ProtectionLevel, TokenImpersonationLevel)

Called by clients to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified credentials and authentication options.

AuthenticateAsClient(NetworkCredential, ChannelBinding, String, ProtectionLevel, TokenImpersonationLevel)

Called by clients to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified credential, authentication options, and channel binding.

AuthenticateAsClient()

Called by clients to authenticate the client, and optionally the server, in a client-server connection.

public:
 virtual void AuthenticateAsClient();
public virtual void AuthenticateAsClient ();
abstract member AuthenticateAsClient : unit -> unit
override this.AuthenticateAsClient : unit -> unit
Public Overridable Sub AuthenticateAsClient ()

Exceptions

The authentication failed. You can use this object to retry the authentication.

The authentication failed. You can use this object to retry the authentication.

This object has been closed.

Authentication has already occurred.

-or-

This stream was used previously to attempt authentication as the server. You cannot use the stream to retry authentication as the client.

Remarks

The authentication uses the client's DefaultCredentials. No Service Principal Name (SPN) is specified for the server. The impersonation level is Identification, the security level is EncryptAndSign, and mutual authentication is requested. The NegotiateStream class will construct the SPN used for mutual authentication.

When authentication succeeds, you must check the IsEncrypted and IsSigned properties to determine what security services are used by the NegotiateStream. Check the IsMutuallyAuthenticated property to determine whether mutual authentication occurred.

If the authentication fails, you receive an AuthenticationException or an InvalidCredentialException. In this case, you can retry the authentication with a different credential.

Applies to

AuthenticateAsClient(NetworkCredential, String)

Called by clients to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified client credential.

public:
 virtual void AuthenticateAsClient(System::Net::NetworkCredential ^ credential, System::String ^ targetName);
public virtual void AuthenticateAsClient (System.Net.NetworkCredential credential, string targetName);
abstract member AuthenticateAsClient : System.Net.NetworkCredential * string -> unit
override this.AuthenticateAsClient : System.Net.NetworkCredential * string -> unit
Public Overridable Sub AuthenticateAsClient (credential As NetworkCredential, targetName As String)

Parameters

credential
NetworkCredential

The NetworkCredential that is used to establish the identity of the client.

targetName
String

The Service Principal Name (SPN) that uniquely identifies the server to authenticate.

Exceptions

The authentication failed. You can use this object to retry the authentication.

The authentication failed. You can use this object to retry the authentication.

This object has been closed.

Authentication has already occurred.

-or-

This stream was used previously to attempt authentication as the server. You cannot use the stream to retry authentication as the client.

targetName is null.

Remarks

The impersonation level is Identification, the security level is EncryptAndSign, and mutual authentication is requested. The NegotiateStream class will construct the SPN used for mutual authentication.

When authentication succeeds, you must check the IsEncrypted and IsSigned properties to determine what security services are used by the NegotiateStream. Check the IsMutuallyAuthenticated property to determine whether mutual authentication occurred.

Applies to

AuthenticateAsClient(NetworkCredential, ChannelBinding, String)

Called by clients to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified client credential and the channel binding.

public:
 virtual void AuthenticateAsClient(System::Net::NetworkCredential ^ credential, System::Security::Authentication::ExtendedProtection::ChannelBinding ^ binding, System::String ^ targetName);
public virtual void AuthenticateAsClient (System.Net.NetworkCredential credential, System.Security.Authentication.ExtendedProtection.ChannelBinding? binding, string targetName);
public virtual void AuthenticateAsClient (System.Net.NetworkCredential credential, System.Security.Authentication.ExtendedProtection.ChannelBinding binding, string targetName);
abstract member AuthenticateAsClient : System.Net.NetworkCredential * System.Security.Authentication.ExtendedProtection.ChannelBinding * string -> unit
override this.AuthenticateAsClient : System.Net.NetworkCredential * System.Security.Authentication.ExtendedProtection.ChannelBinding * string -> unit
Public Overridable Sub AuthenticateAsClient (credential As NetworkCredential, binding As ChannelBinding, targetName As String)

Parameters

credential
NetworkCredential

The NetworkCredential that is used to establish the identity of the client.

binding
ChannelBinding

The ChannelBinding that is used for extended protection.

targetName
String

The Service Principal Name (SPN) that uniquely identifies the server to authenticate.

Exceptions

targetName is null.

-or-

credential is null.

The authentication failed. You can use this object to retry the authentication.

The authentication failed. You can use this object to retry the authentication.

Authentication has already occurred.

-or-

This stream was used previously to attempt authentication as the server. You cannot use the stream to retry authentication as the client.

This object has been closed.

Remarks

The impersonation level is Identification, the security level is EncryptAndSign, and mutual authentication is requested. The NegotiateStream class will construct the SPN used for mutual authentication.

The ChannelBinding used for extended protection that is passed to this method in the binding parameter would be retrieved by an application from TransportContext property on the associated SslStream.

When authentication succeeds, you must check the IsEncrypted and IsSigned properties to determine what security services are used by the NegotiateStream. Check the IsMutuallyAuthenticated property to determine whether mutual authentication occurred.

See also

Applies to

AuthenticateAsClient(NetworkCredential, String, ProtectionLevel, TokenImpersonationLevel)

Called by clients to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified credentials and authentication options.

public:
 virtual void AuthenticateAsClient(System::Net::NetworkCredential ^ credential, System::String ^ targetName, System::Net::Security::ProtectionLevel requiredProtectionLevel, System::Security::Principal::TokenImpersonationLevel allowedImpersonationLevel);
public virtual void AuthenticateAsClient (System.Net.NetworkCredential credential, string targetName, System.Net.Security.ProtectionLevel requiredProtectionLevel, System.Security.Principal.TokenImpersonationLevel allowedImpersonationLevel);
abstract member AuthenticateAsClient : System.Net.NetworkCredential * string * System.Net.Security.ProtectionLevel * System.Security.Principal.TokenImpersonationLevel -> unit
override this.AuthenticateAsClient : System.Net.NetworkCredential * string * System.Net.Security.ProtectionLevel * System.Security.Principal.TokenImpersonationLevel -> unit
Public Overridable Sub AuthenticateAsClient (credential As NetworkCredential, targetName As String, requiredProtectionLevel As ProtectionLevel, allowedImpersonationLevel As TokenImpersonationLevel)

Parameters

credential
NetworkCredential

The NetworkCredential that is used to establish the identity of the client.

targetName
String

The Service Principal Name (SPN) that uniquely identifies the server to authenticate.

requiredProtectionLevel
ProtectionLevel

One of the ProtectionLevel values, indicating the security services for the stream.

allowedImpersonationLevel
TokenImpersonationLevel

One of the TokenImpersonationLevel values, indicating how the server can use the client's credentials to access resources.

Exceptions

allowedImpersonationLevel is not a valid value.

targetName is null.

The authentication failed. You can use this object to retry the authentication.

The authentication failed. You can use this object to retry the authentication.

This object has been closed.

Authentication has already occurred.

-or-

This stream was used previously to attempt authentication as the server. You cannot use the stream to retry authentication as the client.

Remarks

Use the requiredProtectionLevel parameter to request security services for data transmitted using the authenticated stream. For example, to have the data encrypted and signed, specify the EncryptAndSign value. Successful authentication does not guarantee that the requested ProtectionLevel has been granted. You must check the IsEncrypted and IsSigned properties to determine what security services are used by the NegotiateStream.

If the authentication fails, you receive an AuthenticationException or an InvalidCredentialException. In this case, you can retry the authentication with a different credential.

Applies to

AuthenticateAsClient(NetworkCredential, ChannelBinding, String, ProtectionLevel, TokenImpersonationLevel)

Called by clients to authenticate the client, and optionally the server, in a client-server connection. The authentication process uses the specified credential, authentication options, and channel binding.

public:
 virtual void AuthenticateAsClient(System::Net::NetworkCredential ^ credential, System::Security::Authentication::ExtendedProtection::ChannelBinding ^ binding, System::String ^ targetName, System::Net::Security::ProtectionLevel requiredProtectionLevel, System::Security::Principal::TokenImpersonationLevel allowedImpersonationLevel);
public virtual void AuthenticateAsClient (System.Net.NetworkCredential credential, System.Security.Authentication.ExtendedProtection.ChannelBinding? binding, string targetName, System.Net.Security.ProtectionLevel requiredProtectionLevel, System.Security.Principal.TokenImpersonationLevel allowedImpersonationLevel);
public virtual void AuthenticateAsClient (System.Net.NetworkCredential credential, System.Security.Authentication.ExtendedProtection.ChannelBinding binding, string targetName, System.Net.Security.ProtectionLevel requiredProtectionLevel, System.Security.Principal.TokenImpersonationLevel allowedImpersonationLevel);
abstract member AuthenticateAsClient : System.Net.NetworkCredential * System.Security.Authentication.ExtendedProtection.ChannelBinding * string * System.Net.Security.ProtectionLevel * System.Security.Principal.TokenImpersonationLevel -> unit
override this.AuthenticateAsClient : System.Net.NetworkCredential * System.Security.Authentication.ExtendedProtection.ChannelBinding * string * System.Net.Security.ProtectionLevel * System.Security.Principal.TokenImpersonationLevel -> unit
Public Overridable Sub AuthenticateAsClient (credential As NetworkCredential, binding As ChannelBinding, targetName As String, requiredProtectionLevel As ProtectionLevel, allowedImpersonationLevel As TokenImpersonationLevel)

Parameters

credential
NetworkCredential

The NetworkCredential that is used to establish the identity of the client.

binding
ChannelBinding

The ChannelBinding that is used for extended protection.

targetName
String

The Service Principal Name (SPN) that uniquely identifies the server to authenticate.

requiredProtectionLevel
ProtectionLevel

One of the ProtectionLevel values, indicating the security services for the stream.

allowedImpersonationLevel
TokenImpersonationLevel

One of the TokenImpersonationLevel values, indicating how the server can use the client's credentials to access resources.

Exceptions

targetName is null.

-or-

credential is null.

allowedImpersonationLevel is not a valid value.

The authentication failed. You can use this object to retry the authentication.

The authentication failed. You can use this object to retry the authentication.

Authentication has already occurred.

-or-

This stream was used previously to attempt authentication as the server. You cannot use the stream to retry authentication as the client.

This object has been closed.

Remarks

Use the requiredProtectionLevel parameter to request security services for data transmitted using the authenticated stream. For example, to have the data encrypted and signed, specify the EncryptAndSign value. Successful authentication does not guarantee that the requested ProtectionLevel has been granted. You must check the IsEncrypted and IsSigned properties to determine what security services are used by the NegotiateStream.

The ChannelBinding used for extended protection that is passed to this method in the binding parameter would be retrieved by an application from TransportContext property on the associated SslStream.

If the authentication fails, you receive an AuthenticationException or an InvalidCredentialException. In this case, you can retry the authentication with a different credential.

See also

Applies to