Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
System.Security.Authentication.ExtendedProtection Namespace
Collapse the table of content
Expand the table of content

System.Security.Authentication.ExtendedProtection Namespace

The System.Security.Authentication.ExtendedProtection namespace provides support for authentication using extended protection for applications.

The design of Integrated Windows Authentication (IWA) allows for some credential challenge responses to be universal, meaning they can be re-used or forwarded. If this particular design feature is not needed then the challenge responses should be constructed with, at minimum, target specific information and, at best, also some channel specific information. Services can then provide extended protection to ensure that credential challenge responses contain service specific information (a Service Provider Name or SPN) and, if necessary, channel specific information (a channel binding token or CBT). With this information in the credential exchanges, services are able to better protect against malicious use of credential challenge responses that might have been improperly obtained.

  ClassDescription
Public classChannelBindingThe ChannelBinding class represents the opaque data used to bind a secure channel.
Public classExtendedProtectionPolicyThe ExtendedProtectionPolicy class represents the extended protection policy used by the server to validate incoming client connections.
Public classServiceNameCollectionThe ServiceNameCollection class is a read-only collection of service principal names.

  EnumerationDescription
Public enumerationChannelBindingKindThe ChannelBindingKind enumeration represents the kinds of channel bindings that can be queried from secure channels.
Public enumerationPolicyEnforcementThe PolicyEnforcement enumeration specifies when the ExtendedProtectionPolicy should be enforced.
Public enumerationProtectionScenarioThe ProtectionScenario enumeration specifies the protection scenario enforced by the policy.

Community Additions

ADD
Show:
© 2015 Microsoft