Platform SDK: Active Directory, ADSI, and Directory Services

Mutual Authentication in RPC Applications

RPC services can use service connection points to publish themselves, or they can use the RPC name service (RpcNs) APIs. This section provides sample code that shows how to perform mutual authentication with an RPC service that publishes itself using the RPC name service (RpcNs) APIs.

The steps for performing mutual authentication in an RPC application are as follows:

To register SPNs in the directory at service installation

  1. Call the DsGetSpn function to compose service principal names (SPNs) for the service.
  2. Call the DsWriteAccountSpn function to register the SPNs on the service account or computer account in whose context the service will run.

To register with the RPC run time at service startup

  1. Verify that the appropriate SPNs are registered on the account under which the service is running. See Logon Account Maintenance Tasks.
  2. Call the RpcServerRegisterAuthInfo function to register the service's SPNs with the RPC authentication service, and specify RPC_C_AUTHN_GSS_NEGOTIATE as the authentication service to use.

To authenticate the service at client startup

  1. Extract the host name from the RPC binding.
  2. Compose the SPN for the service by calling DsMakeSpn with the service class, the DNS host name, and the service name (the distinguished name of the connection point in the case of RpcNs).
  3. Set up an RPC_SECURITY_QOS structure to request mutual authentication.
  4. Call the RpcBindingSetAuthInfoEx function to set the authentication information for the RPC binding. The client must request at least PKT_INTEGRITY to ensure that communications have not been tampered with. For greater security, the client should specify PKT_PRIVACY to request encryption.
  5. Make the RPC call.
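The following added example (not SDK code, and not a substitute for the Win32 calls the steps name) models client steps 1 and 2 portably: it pulls the network address out of an RPC string binding (`[ObjUuid@]ProtSeq:NetworkAddr[Endpoint]`) and composes the SPN in the layout DsMakeSpn produces, `ServiceClass/Host[:Port][/ServiceName]`. `parse_binding_host`, `make_spn` and `client_spn_for_binding` are hypothetical helpers, and the service class `MyRpcService` and the connection-point DN are constructed placeholders.

```c
/* Added example (not SDK code): portable model of "extract the host name
 * from the binding" and "compose the SPN" (DsMakeSpn layout). The helpers
 * are hypothetical stand-ins, not Win32 functions. */
#include <stdio.h>
#include <string.h>

/* Constructed placeholders for the service class and the DN of the RpcNs
 * connection point a real deployment would publish. */
#define SERVICE_CLASS  "MyRpcService"
#define CONNECTION_DN  "CN=MyService,CN=RpcServices,DC=example,DC=com"

/* Copies NetworkAddr out of "[ObjUuid@]ProtSeq:NetworkAddr[Endpoint,...]".
 * Returns 0 on success, -1 if the binding is malformed or host is too small.
 * Assumes NetworkAddr itself contains no ':' (true for DNS host names). */
int parse_binding_host(const char *binding, char *host, size_t host_len)
{
    if (!binding || !host || host_len == 0) return -1;
    const char *p = strchr(binding, '@');      /* skip optional object UUID */
    p = p ? p + 1 : binding;
    const char *colon = strchr(p, ':');        /* ProtSeq ends at ':' */
    if (!colon || colon == p) return -1;
    const char *start = colon + 1;
    const char *end = strchr(start, '[');      /* endpoint list, if any */
    size_t len = end ? (size_t)(end - start) : strlen(start);
    if (len == 0 || len >= host_len) return -1;
    memcpy(host, start, len);
    host[len] = '\0';
    return 0;
}

/* Builds "ServiceClass/Host[:Port][/ServiceName]". Returns the length
 * written, or -1 on a missing class/host or an insufficient buffer. */
int make_spn(const char *service_class, const char *host, unsigned port,
             const char *service_name, char *out, size_t out_len)
{
    if (!service_class || !*service_class || !host || !*host || !out) return -1;
    int n = snprintf(out, out_len, "%s/%s", service_class, host);
    if (n < 0 || (size_t)n >= out_len) return -1;
    if (port != 0) {
        int m = snprintf(out + n, out_len - (size_t)n, ":%u", port);
        if (m < 0 || (size_t)m >= out_len - (size_t)n) return -1;
        n += m;
    }
    if (service_name && *service_name) {
        int m = snprintf(out + n, out_len - (size_t)n, "/%s", service_name);
        if (m < 0 || (size_t)m >= out_len - (size_t)n) return -1;
        n += m;
    }
    return n;
}

/* Steps 1 and 2 together: from a string binding, produce the SPN that would
 * be passed as ServerPrincName to RpcBindingSetAuthInfoEx. Returns NULL if
 * the host cannot be extracted. A static buffer keeps the demo simple. */
const char *client_spn_for_binding(const char *string_binding)
{
    static char spn[512];
    char host[256];
    if (parse_binding_host(string_binding, host, sizeof host) != 0) return NULL;
    /* RpcNs case: the service name is the connection point's DN; no port. */
    if (make_spn(SERVICE_CLASS, host, 0, CONNECTION_DN, spn, sizeof spn) < 0) return NULL;
    return spn;
}

int main(void)
{
    const char *b = "ncacn_ip_tcp:server.example.com[4000]";  /* constructed */
    const char *spn = client_spn_for_binding(b);
    printf("%s -> %s\n", b, spn ? spn : "(error)");
    return spn ? 0 : 1;
}
```

The example assumes the binding's network address is already the DNS host name the service registered; a binding that carries an IP address would have to be resolved to that name first, since an SPN built from the address will not match what was written with DsWriteAccountSpn and mutual authentication then fails.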

To authenticate the client from the service at the start of each remote procedure call

  1. Call the RpcBindingInqAuthClient function to check the authentication parameters specified by the client. If the client has not requested the desired level of authentication, reject the call. Note that an RPC service must verify the authentication level, authentication service, and client identity on every call to ensure that the client has been properly authenticated.
  2. Call the RpcImpersonateClient function to impersonate the client.
  3. Perform the requested operation.
  4. Call the RpcRevertToSelf function to revert to the service's security context.
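The added example below (not SDK code) models the per-call sequence on the service side: check the authentication level, authentication service and caller identity before doing any work, impersonate only for the operation itself, and revert on every path. The numeric values mirror the `RPC_C_AUTHN_LEVEL_*` and `RPC_C_AUTHN_*` constants from rpcdce.h; `client_auth_info` stands in for what RpcBindingInqAuthClient reports, `impersonate_client`/`revert_to_self` are hypothetical stand-ins for RpcImpersonateClient/RpcRevertToSelf, and the authorized-caller list is constructed.

```c
/* Added example (not SDK code): portable model of the per-call check an RPC
 * service performs. Values mirror rpcdce.h; the struct stands in for the
 * output of RpcBindingInqAuthClient, and impersonate/revert are stand-ins
 * for RpcImpersonateClient/RpcRevertToSelf. */
#include <stdio.h>
#include <string.h>

enum { AUTHN_LEVEL_NONE = 1, AUTHN_LEVEL_CONNECT = 2, AUTHN_LEVEL_CALL = 3,
       AUTHN_LEVEL_PKT = 4, AUTHN_LEVEL_PKT_INTEGRITY = 5, AUTHN_LEVEL_PKT_PRIVACY = 6 };
enum { AUTHN_NONE = 0, AUTHN_GSS_NEGOTIATE = 9, AUTHN_WINNT = 10 };

typedef struct {
    unsigned    authn_level;   /* level the client actually negotiated */
    unsigned    authn_svc;     /* authentication service in use */
    const char *client_name;   /* caller identity, e.g. "EXAMPLE\\alice" (constructed) */
} client_auth_info;

typedef enum { CALL_ACCEPT = 0, REJECT_AUTHN_LEVEL, REJECT_AUTHN_SVC, REJECT_IDENTITY } auth_verdict;

/* Constructed policy: at least packet integrity, the Negotiate service,
 * and a caller from a short allow list. */
static const unsigned kMinAuthnLevel = AUTHN_LEVEL_PKT_INTEGRITY;
static const char *const kAuthorizedClients[] = { "EXAMPLE\\svc-reporter", "EXAMPLE\\alice" };

/* Step 1: verify level, service and identity on every call. */
auth_verdict check_client_auth(const client_auth_info *info)
{
    if (!info || info->authn_level < kMinAuthnLevel) return REJECT_AUTHN_LEVEL;
    if (info->authn_svc != AUTHN_GSS_NEGOTIATE) return REJECT_AUTHN_SVC;
    if (!info->client_name) return REJECT_IDENTITY;
    for (size_t i = 0; i < sizeof kAuthorizedClients / sizeof kAuthorizedClients[0]; i++)
        if (strcmp(info->client_name, kAuthorizedClients[i]) == 0) return CALL_ACCEPT;
    return REJECT_IDENTITY;
}

/* Stand-ins for steps 2 and 4; the flag lets a caller prove revert happened. */
static int g_impersonating = 0;
static void impersonate_client(void) { g_impersonating = 1; }
static void revert_to_self(void)     { g_impersonating = 0; }
int currently_impersonating(void)    { return g_impersonating; }

/* Steps 1-4 in order: reject before any work, run the operation under the
 * client's context, restore the service context afterwards. Returns the
 * operation's result when accepted, or the negated rejection reason. */
int handle_call(const client_auth_info *info, int (*operation)(void))
{
    auth_verdict v = check_client_auth(info);
    if (v != CALL_ACCEPT) return -(int)v;  /* step 1: reject the call */
    impersonate_client();                  /* step 2 */
    int r = operation();                   /* step 3, with the client's rights */
    revert_to_self();                      /* step 4, on every path */
    return r;
}

/* Constructed operation standing in for the service's real procedure. */
static int sample_operation(void) { return currently_impersonating() ? 42 : -1; }

/* Convenience wrappers so scalar inputs can be checked without a struct. */
auth_verdict policy_check(unsigned level, unsigned svc, const char *client_name)
{
    client_auth_info info = { level, svc, client_name };
    return check_client_auth(&info);
}

int demo_call(unsigned level, unsigned svc, const char *client_name)
{
    client_auth_info info = { level, svc, client_name };
    return handle_call(&info, sample_operation);
}

int main(void)
{
    printf("privacy+negotiate+alice   -> %d\n", demo_call(AUTHN_LEVEL_PKT_PRIVACY, AUTHN_GSS_NEGOTIATE, "EXAMPLE\\alice"));
    printf("connect+negotiate+alice   -> %d\n", demo_call(AUTHN_LEVEL_CONNECT, AUTHN_GSS_NEGOTIATE, "EXAMPLE\\alice"));
    printf("privacy+ntlm+alice        -> %d\n", demo_call(AUTHN_LEVEL_PKT_PRIVACY, AUTHN_WINNT, "EXAMPLE\\alice"));
    return 0;
}
```

Keeping the check at the top of every procedure, rather than once per binding, is the point of step 1: the level and identity belong to the call, and a client can change them between calls on the same binding. The model also shows why the revert in step 4 must not be skipped on an error path, since a later call on the same thread would otherwise run with the previous caller's rights.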

The following topics provide sample code for mutual authentication in an RPC application.
