System.Net.Security.NegotiateStream.AuthenticateAsClient MethodAuthenticates a client. This method attempts to establish a secure stream using the Negotiate security package.
public override void AuthenticateAsClient(
CredentialCache credentialCache,
ProtectionLevel requiredProtectionLevel,
bool leaveStreamOpen
)public override void AuthenticateAsClient(
TokenImpersonationLevel requiredImpersonationLevel,
bool leaveStreamOpen
)public override void AuthenticateAsClient(
string targetName,
bool leaveStreamOpen
)public override void AuthenticateAsClient(
string targetName,
CredentialCache credentialCache,
ProtectionLevel requiredProtectionLevel,
bool leaveStreamOpen
)credentialCache
A CredentialCache object that contains the client credentials.
requiredProtectionLevel
One of the ProtectionLevel enumeration values that specifies the level of protection the client requires.
leaveStreamOpen
true to leave the underlying stream open after the authentication is complete; otherwise, false.
requiredImpersonationLevel
One of the TokenImpersonationLevel enumeration values that specifies the impersonation level required.
targetName
The name of the target service principal name (SPN).
The AuthenticateAsClient method is used to initiate the authentication process for a client. It negotiates a security context with a server using the Negotiate security package. The Negotiate package attempts to use Kerberos and then falls back to NTLM if Kerberos is not available.
When you call this method, the NegotiateStream object attempts to obtain credentials and establish a secure channel. The specific overload you use determines how credentials and other security settings are provided.
If leaveStreamOpen is true, the underlying stream remains open after authentication, allowing you to continue sending and receiving data. If false, the stream is closed.
ArgumentNullException
credentialCache is null.
ArgumentException
targetName is null or empty.
InvalidOperationException
The stream is already authenticated or has been closed.
AuthenticationException
An error occurred during authentication.
using System;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Text;
public class ClientExample
{
public static void Main(string[] args)
{
string serverName = "your_server_hostname"; // Replace with actual server hostname
int port = 12345; // Replace with actual server port
try
{
TcpClient client = new TcpClient(serverName, port);
using (NetworkStream networkStream = client.GetStream())
{
// Use NegotiateStream for client authentication
// Example using targetName and default settings
using (NegotiateStream negotiateStream = new NegotiateStream(networkStream, true))
{
// Authenticate as a client
// Specify the target SPN (e.g., "HTTP/your_server_hostname")
// or null to let NegotiateStream determine it if possible.
// For Kerberos, targetName is crucial. For NTLM, it's often optional.
negotiateStream.AuthenticateAsClient("HTTP/" + serverName, true);
Console.WriteLine("Client authentication successful!");
// Now you can send and receive data securely
byte[] message = Encoding.UTF8.GetBytes("Hello, secure server!");
negotiateStream.Write(message, 0, message.Length);
Console.WriteLine("Sent: Hello, secure server!");
byte[] buffer = new byte[1024];
int bytesRead = negotiateStream.Read(buffer, 0, buffer.Length);
string response = Encoding.UTF8.GetString(buffer, 0, bytesRead);
Console.WriteLine("Received: " + response);
}
}
client.Close();
}
catch (Exception ex)
{
Console.WriteLine("An error occurred: " + ex.Message);
}
}
}