Server Initialization

The example in this topic shows the initialization code to add to a server so clients can connect using NTLMSSP authentication.

When the server starts, it calls the InitSecurityInterface function. If the server is directly binding to SECURITY.DLL, it can discard the returned function table. If the server dynamically loads SECURITY.DLL, it must call GetProcAddress(SECURITY_ENTRYPOINT) to get a pointer to the InitSecurityInterface function. The server uses the function table returned by InitSecurityInterface to make subsequent calls to the security provider functions.

Next, the server calls the QuerySecurityPackageInfo function to get the maximum length of the security token from the cbMaxToken member of the SecPkgInfo structure, as follows:

SECURITY_STATUS SecStatus;
PSecPkgInfo PackageInfo;
SecStatus = QuerySecurityPackageInfo(
    TEXT("NTLM"),
    &PackageInfo
);
 

The server then calls the AcquireCredentialsHandle function with the following parameters. The credential handle does not expire, so the server can ignore the expiration time.

CredHandle ServerCredential;  // global variable, used for the life 
                              // of the process
TimeStamp Expiration;         // local variable, may be discarded 
                              // after call returns

SecStatus = AcquireCredentialsHandle(
    NULL,                 // no principal name
    TEXT("NTLM"),         // package name
    SECPKG_CRED_INBOUND,  // credential use flag
    NULL,                 // no logon identifier
    NULL,                 // no package-specific data
    NULL,                 // no GetKey function
    NULL,                 // no GetKey function argument
    &ServerCredential,    // receives new credential handle
    &Expiration           // receives expiration time for the handle
);