Pages: 1

#1 2025-08-13 11:59:45

jienyuan
Member
Registered: 2017-07-22
Posts: 7

TRestServerAuthenticationSspi code question.

Hi AB,

There seems have a one line code in TRestServerAuthenticationSspi.Auth need to adjust,

could you help to confirm it? Thank you.

  // Current git version
  result := AuthSessionRelease(Ctxt, aUserName);
  if result or 
     (aUserName = '')  or
         not Ctxt.InputExists['Data']) then
    exit;

  //Adjusted version
  result := AuthSessionRelease(Ctxt, aUserName);
  if result or (
     (aUserName = '') and
       (not Ctxt.InputExists['Data'])) then
    exit;

JienYuan

Last edited by jienyuan (2025-08-13 12:00:05)

Offline

#2 2025-08-13 19:16:20

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 15,148
Website

Re: TRestServerAuthenticationSspi code question.

You are right.
The code was incorrect.

I get rid of all the NTLM support, to make the server side code cleaner.

Feedback is welcome!

Offline

#3 2025-08-14 08:09:34

Chaa
Member
Registered: 2011-03-26
Posts: 259

Re: TRestServerAuthenticationSspi code question.

ab wrote:

I get rid of all the NTLM support, to make the server side code cleaner.

Negotiate provider choose NTLM for local connections.

Anyway, for Kerberos, SSPI authentication code it no longer works. On my Windows 10 machine AcceptSecurityContext inside ServerSspiAuth returns SEC_I_CONTINUE_NEEDED and there is no code path to return data back.

Offline

#4 2025-08-14 09:44:46

jienyuan
Member
Registered: 2017-07-22
Posts: 7

Re: TRestServerAuthenticationSspi code question.

Although, it can create and register custom authenticator but still wondering is it possible to keep NTLM auth in framework for local testing purpose.

Offline

Pages: 1

Board footer

Powered by FluxBB