Click here to Skip to main content
Click here to Skip to main content
Go to top

User authentication using SSPI and AutoLogOn

, 30 Mar 2005
Rate this:
Please Sign up or sign in to vote.
An AutoLogOn program with user authentication check.

Sample Image

Introduction

Sometimes you may want an application to verify a user's user name and password on the network or on the local machine. This is a more elegant approach to handle the authentication rather than using some application defined credentials.

Background

On Windows XP, the existing LogonUser Windows API might do just fine, but on WinNT and Win2K, your process must have the SE_TCB_NAME privilege set. To a large extent, the CCredentials class will only dress up some C code provided at KB 180548 in a more OOP approach.

As a quick application for this class, I've created an AutoLogon program that would set the proper Registry entries that will suppress the logon prompt after a reboot. The trick is to set the proper credentials, and the authentication process makes sure that any typos won't get in your way to achieve the desired result. The code uses COM conventions and styles, but CCredentials is still a regular class.

Using the code

You need to create a class, set the domain name, username and password, and then check the authentication result by calling CCredentials::get_IsNTAuthenticatedUser.

CCredentials NTCrd;
VARIANT_BOOL vbAuthenticated = VARIANT_FALSE;
//..............
NTCrd.put_NTDomain(CComBSTR(Domain));
NTCrd.put_NTUserName(CComBSTR(UserName));
NTCrd.put_NTPassword(CComBSTR(Password));

//NT Authentication
if(FAILED( NTCrd.get_IsNTAuthenticatedUser(&vbAuthenticated)) ||
           vbAuthenticated == VARIANT_FALSE)
{
    if(MessageBox( hDlg, 
       "This user cannot be authenticated!\nDo you want to continue anyway?",
       "User Authentication Failed", MB_ICONERROR|MB_YESNO ) == IDNO)
    {
        //..............
    }
}
//..............

get_IsNTAuthenticatedUser uses APIs found in security.dll/secur32.dll that acquire, initialize, and complete the authentication for the server and the client. For more information on this topic, you will need to consult the MSDN.

Points of Interest

On a WinXP machine, make sure that the ForceGuest Registry value is set to 1 in the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa Registry key.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

dmihailescu
Software Developer (Senior)
United States United States
Decebal Mihailescu is a software engineer with interest in .Net, C# and C++.

Comments and Discussions

 
QuestionTimer PinmemberMember 1077978727-Apr-14 22:26 
QuestionCould you fix the horizontal scrolling problem? PinmemberWREY30-Mar-05 8:19 
AnswerRe: Could you fix the horizontal scrolling problem? Pinmemberdmihailescu30-Mar-05 9:29 
GeneralRe: Could you fix the horizontal scrolling problem? PinmemberWREY30-Mar-05 9:49 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Mobile
Web01 | 2.8.140921.1 | Last Updated 30 Mar 2005
Article Copyright 2005 by dmihailescu
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid