NegotiateStream.AuthenticateServer Method
Public Overloads Sub AuthenticateServer()
Authenticates the server side of a connection using the Negotiate security package.
Syntax
Public Overloads Sub AuthenticateServer()Remarks
The AuthenticateServer method completes the server-side authentication process. This method is called after the client has called NegotiateStream.AuthenticateAsClient. The AuthenticateServer method negotiates security properties with the client and establishes a secure channel for communication.
This method must be called before any data is sent or received over the NegotiateStream. The AuthenticateServer method will block until the authentication is complete or an error occurs.
Tip: For successful authentication, ensure that both the client and server are configured correctly to use the Negotiate security package and that their credentials are valid.
Examples
C# Example
using System;
using System.Net.Sockets;
using System.Net.Security;
using System.Security.Principal;
using System.Text;
public class ServerAuthExample
{
public static void RunServer(int port)
{
TcpListener listener = new TcpListener(System.Net.IPAddress.Any, port);
listener.Start();
Console.WriteLine($"Server started on port {port}. Waiting for connections...");
while (true)
{
TcpClient client = listener.AcceptTcpClient();
Console.WriteLine("Client connected!");
// Wrap the NetworkStream with SslStream for authentication
using (NetworkStream stream = client.GetStream())
{
// Use NegotiateStream for SPNEGO authentication
// For server-side, typically use default credentials or a specific Service Principal Name (SPN)
// This example uses default credentials and assumes Kerberos or NTLM will be negotiated.
NegotiateStream negotiateStream = new NegotiateStream(stream, false);
try
{
// Authenticate the server side
Console.WriteLine("Authenticating server...");
negotiateStream.AuthenticateServer();
Console.WriteLine("Server authentication successful.");
// Get the identity of the authenticated client
IIdentity clientIdentity = negotiateStream.RemoteIdentity;
Console.WriteLine($"Authenticated as: {clientIdentity.Name}");
// Now you can send and receive data securely
byte[] buffer = new byte[1024];
int bytesRead = negotiateStream.Read(buffer, 0, buffer.Length);
string message = Encoding.UTF8.GetString(buffer, 0, bytesRead);
Console.WriteLine($"Received: {message}");
string response = "Hello from authenticated server!";
byte[] responseBytes = Encoding.UTF8.GetBytes(response);
negotiateStream.Write(responseBytes, 0, responseBytes.Length);
Console.WriteLine("Sent response.");
}
catch (Exception ex)
{
Console.WriteLine($"Authentication or communication error: {ex.Message}");
}
finally
{
// The using statement will dispose of negotiateStream and the inner stream
}
}
Console.WriteLine("Client connection closed.");
}
}
// You would typically call RunServer from your Main method or an appropriate entry point.
// For example:
// public static void Main(string[] args)
// {
// RunServer(13000);
// }
}
Requirements
| Assembly | Library |
|---|---|
| System.Net.dll | .NET Framework 2.0, .NET Core 1.0, .NET Framework 4.5, .NET Standard 1.3 |
See Also
Note: The behavior of
NegotiateStream can vary depending on the underlying security provider (e.g., Kerberos, NTLM) and the operating system environment.