Edit

Share via

Obtaining Default Digest Credentials

  • Article

Both clients and servers must obtain credentials before they can establish a security context for message exchange. The default behavior of the AcquireCredentialsHandle function is to provide credentials for the security principal associated with the current logon session.

The following example demonstrates a server-side call to obtain the default credentials.

SECURITY_STATUS SecStatus; 
TimeStamp tsLifetime; 
CredHandle hCred;
SecStatus = AcquireCredentialsHandle (
       NULL,                  // Default principal.
       WDIGEST_SP_NAME,       // Microsoft Digest SSP. 
       SECPKG_CRED_INBOUND,   // Server will use the credentials.
       NULL,                  // Use the current LOGON id.
       NULL,                  // Default credentials.
       NULL,                  // Not used with Digest SSP.
       NULL,                  // Not used with Digest SSP.
       &hCred,                // Receives the credential handle.
       &tsLifetime            // Receives the credential time limit.
);

The client-side call for default credentials is identical, except the third parameter must specify SECPKG_CRED_OUTBOUND to indicate that the client will use the credentials handle returned by the function.

For an example that demonstrates obtaining credentials for a security principal other than the logged on user, see Obtaining Alternate Credentials.