Namespace: System.Net.Security
Assembly: System.Net.Security.dll
Authenticates the server end of a secure stream.
Syntax
public virtual bool AuthenticateServer(
NetworkCredential serverCredential
);
Parameters
- serverCredential
- A NetworkCredential object that contains the user name, password, and domain for the server.
Return Value
true if the authentication was successful; otherwise, false.
Exceptions
- ArgumentNullException
- The serverCredential parameter is null.
- ObjectDisposedException
- The NegotiateStream has been disposed.
- IOException
- An I/O error occurred while reading from or writing to the stream.
- SecurityException
- The authentication failed.
Remarks
The AuthenticateServer method initiates the server-side authentication process using the Negotiate Security Support Provider (NegotiateSSP). The NegotiateSSP selects the most appropriate security package (such as Kerberos or NTLM) to use for authentication. The client and server exchange security tokens until authentication is complete or fails.
Before calling AuthenticateServer, you must create a NegotiateStream object and associate it with a secure channel, typically an SslStream or a transport stream that supports authentication. The serverCredential parameter provides the credentials that the server will use to authenticate itself to the client.
null for the serverCredential parameter to use the credentials of the currently logged-on user.
Example
The following code example demonstrates how to use the AuthenticateServer method.
1 using System;
2 using System.Net;
3 using System.Net.Security;
4 using System.Net.Sockets;
5 using System.Security.Cryptography.X509Certificates;
6 using System.Threading.Tasks;
7
8 public class NegotiateServerExample
9 {
10 public static async Task StartServerAsync(int port)
11 {
12 TcpListener listener = new TcpListener(IPAddress.Any, port);
13 listener.Start();
14 Console.WriteLine("Server started. Waiting for connections...");
15
16 while (true)
17 {
18 TcpClient client = await listener.AcceptTcpClientAsync();
19 _ = HandleClientAsync(client); // Fire and forget
20 }
21 }
22
23 private static async Task HandleClientAsync(TcpClient client)
24 {
25 using (NetworkStream stream = client.GetStream())
26 {
27 // For demonstration, we'll use a simple NetworkCredential.
28 // In a real application, you'd get credentials securely.
29 NetworkCredential serverCredentials = new NetworkCredential("serverUser", "serverPassword", "yourdomain.com");
30
31 // Use NegotiateStream for authentication
32 using (NegotiateStream negotiateStream = new NegotiateStream(stream, false))
33 {
34 try
35 {
36 Console.WriteLine("Authenticating server...");
37 bool authenticated = await negotiateStream.AuthenticateServerAsync(serverCredentials);
38
39 if (authenticated)
40 {
41 Console.WriteLine("Server authentication successful.");
42
43 // Now you can read/write to the authenticated stream
44 byte[] buffer = new byte[1024];
45 int bytesRead = await negotiateStream.ReadAsync(buffer, 0, buffer.Length);
46 string message = System.Text.Encoding.UTF8.GetString(buffer, 0, bytesRead);
47 Console.WriteLine($"Received: {message}");
48
49 string response = "Hello from authenticated server!";
50 byte[] responseBytes = System.Text.Encoding.UTF8.GetBytes(response);
51 await negotiateStream.WriteAsync(responseBytes, 0, responseBytes.Length);
52 Console.WriteLine("Sent response.");
53 }
54 else
55 {
56 Console.WriteLine("Server authentication failed.");
57 }
58 }
59 catch (Exception ex)
60 {
61 Console.WriteLine($"Authentication error: {ex.Message}");
62 }
63 }
64 }
65 client.Close();
66 Console.WriteLine("Client connection closed.");
67 }
68
69 public static void Main(string[] args)
70 {
71 // Start the server on port 13000
72 _ = StartServerAsync(13000);
73
74 Console.WriteLine("Press any key to exit.");
75 Console.ReadKey();
76 }
77 }
78
Requirements
Namespace: System.Net.Security
Assembly: System.Net.Security.dll
.NET Framework versions: Available in .NET Framework 4.5 and later.