Class NegotiateAuthenticationType

Inheritance: Object → AuthenticationType → NegotiateAuthenticationType

Syntax

public sealed class NegotiateAuthenticationType : AuthenticationType, IAuthenticationType

Remarks

The NegotiateAuthenticationType class represents the Negotiate authentication protocol, which is used by the operating system to determine the appropriate authentication mechanism for network security. This class is part of the .NET Framework's security support for network communications. It allows applications to configure and utilize Negotiate authentication for secure connections.

Negotiate is a meta-authentication protocol that allows a client and server to negotiate the best authentication protocol that both support. It typically uses Kerberos or NTLM as the underlying authentication mechanism.

Thread Safety

Public static (Shared in Visual Basic) members of this type are thread-safe. Any instance members are not guaranteed to be thread-safe.

Example

The following C# code snippet demonstrates how to create an instance of NegotiateAuthenticationType and use it with an HttpClient for authentication.

using System;
using System.Net.Http;
using System.Net.Security;
using System.Threading.Tasks;

public class NegotiateAuthExample
{
    public static async Task MakeAuthenticatedRequest()
    {
        // Create a NegotiateAuthenticationType instance
        var negotiateAuthType = new NegotiateAuthenticationType();

        // Assuming you have a handler that can use this type,
        // for example, a custom HttpMessageHandler or similar setup.
        // In a typical scenario, Negotiate is often handled implicitly
        // by HttpClient for Windows authentication.
        // For explicit configuration, you might need more advanced setup.

        // For demonstration purposes, let's assume we are configuring
        // a hypothetical HttpClient setup that takes an AuthenticationType.
        // Note: HttpClient often handles this transparently with default credentials.

        using (var httpClient = new HttpClient())
        {
            // HttpClient.DefaultProxy is often where Windows Authentication
            // settings are implicitly applied, leveraging Negotiate.
            // If explicit configuration is needed, it's usually done at
            // the TransportContext or ServicePoint level depending on the API.

            // Example of a conceptual usage (may not be direct API):
            // httpClient.AuthenticationSchemes = System.Net.AuthenticationSchemes.Negotiate;

            try
            {
                Console.WriteLine("Attempting to make a request using Negotiate authentication...");
                // Replace with a URL that requires authentication or where you want to test
                HttpResponseMessage response = await httpClient.GetAsync("https://your-internal-server.local/api/data");

                response.EnsureSuccessStatusCode(); // Throw if HTTP status is not 2xx

                string responseBody = await response.Content.ReadAsStringAsync();
                Console.WriteLine("Request successful!");
                Console.WriteLine($"Response: {responseBody.Substring(0, Math.Min(responseBody.Length, 200))}..."); // Print first 200 chars
            }
            catch (HttpRequestException e)
            {
                Console.WriteLine($"Request error: {e.Message}");
            }
            catch (Exception e)
            {
                Console.WriteLine($"An unexpected error occurred: {e.Message}");
            }
        }
    }
}

Members

Constructor
public NegotiateAuthenticationType()

Initializes a new instance of the NegotiateAuthenticationType class.
Scheme
public string Scheme { get; }

Gets the authentication scheme name, which is "Negotiate".
Authenticate
public byte[] Authenticate(NetworkCredential credential, string challenge, System.Security.Cryptography.TokenImpersonationLevel impersonationLevel)

Authenticates a client or server by using the Negotiate security package. This is a core method for initiating or responding to an authentication challenge.
IsAuthenticated
public bool IsAuthenticated(NetworkCredential credential, string serverName)

Checks if the specified credentials can be used to authenticate with the specified server.
Wrap
public byte[] Wrap(byte[] data, bool continueProcessing)

Wraps (encrypts or signs) a message using the established security context. This is used for securing data sent between authenticated parties.
Unwrap
public byte[] Unwrap(byte[] data, bool continueProcessing)

Unwraps (decrypts or verifies the signature of) a message using the established security context. This is the counterpart to the Wrap method.

Requirements

Product	Version
.NET	1.0
.NET Framework client profile	Supported
.NET Framework	Supported in versions 1.0, 1.1, 2.0, 3.0, 3.5, 4.0, 4.5, 4.6, 4.7, 4.8
.NET Core	Not directly applicable, but similar functionality exists in `System.Net.Http.HttpClientHandler` with appropriate configuration.

Header	Value
Namespace	`System.Net.Security`
Assembly	System.Net.dll