| Platform SDK: Logon Authentication |
When a client begins, it selects a security package for its transactions with a server and then contacts that server. A server selects one or more security packages and waits for a client connection.
For specific information about the SSPI security packages available with a particular SSP, the EnumerateSecurityPackages function can be called to retrieve a SecPkgInfo structure.
To retrieve the output structure, the caller passes to the function the address of a pointer to the type of the return structure. The function allocates memory and returns the data to the caller by assigning the address of the return data buffer to the argument. The SSPI convention is that the functions allocates memory for the structure and the calling application frees that memory using FreeContextBuffer.
Calling the QuerySecurityPackageInfo function retrieves the attributes of a security package. Both server and client can call QuerySecurityPackageInfo to get the maximum length of the security token from the cbMaxToken member of the SecPkgInfo structure. See the example in the InitPackage function in Using SSPI with a Windows Sockets Client or Using SSPI with a Windows Sockets Server.
For more information on package functions, see Package Management.