Click here to Skip to main content
15,891,375 members
Search within:


Articles / Programming Languages / C++
 
Article

User authentication using SSPI and AutoLogOn

Rate me:
Please Sign up or sign in to vote.
1.44/5 (6 votes)
30 Mar 2005CPOL1 min read 48.2K   1.3K   10   5
An AutoLogOn program with user authentication check.

Sample Image

Introduction

Sometimes you may want an application to verify a user's user name and password on the network or on the local machine. This is a more elegant approach to handle the authentication rather than using some application defined credentials.

Background

On Windows XP, the existing LogonUser Windows API might do just fine, but on WinNT and Win2K, your process must have the SE_TCB_NAME privilege set. To a large extent, the CCredentials class will only dress up some C code provided at KB 180548 in a more OOP approach.

As a quick application for this class, I've created an AutoLogon program that would set the proper Registry entries that will suppress the logon prompt after a reboot. The trick is to set the proper credentials, and the authentication process makes sure that any typos won't get in your way to achieve the desired result. The code uses COM conventions and styles, but CCredentials is still a regular class.

Using the code

You need to create a class, set the domain name, username and password, and then check the authentication result by calling CCredentials::get_IsNTAuthenticatedUser.

C++
CCredentials NTCrd;
VARIANT_BOOL vbAuthenticated = VARIANT_FALSE;
//..............
NTCrd.put_NTDomain(CComBSTR(Domain));
NTCrd.put_NTUserName(CComBSTR(UserName));
NTCrd.put_NTPassword(CComBSTR(Password));

//NT Authentication
if(FAILED( NTCrd.get_IsNTAuthenticatedUser(&vbAuthenticated)) ||
           vbAuthenticated == VARIANT_FALSE)
{
    if(MessageBox( hDlg, 
       "This user cannot be authenticated!\nDo you want to continue anyway?",
       "User Authentication Failed", MB_ICONERROR|MB_YESNO ) == IDNO)
    {
        //..............
    }
}
//..............

get_IsNTAuthenticatedUser uses APIs found in security.dll/secur32.dll that acquire, initialize, and complete the authentication for the server and the client. For more information on this topic, you will need to consult the MSDN.

Points of Interest

On a WinXP machine, make sure that the ForceGuest Registry value is set to 1 in the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa Registry key.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


Written By
dmihailescu
Software Developer (Senior)
United States United States
Decebal Mihailescu is a software engineer with interest in .Net, C# and C++.

Comments and Discussions

 
First Prev Next
GeneralMy vote of 1 Pin
Slesa6-Feb-18 20:01
Slesa6-Feb-18 20:01 
QuestionTimer Pin
Member 1077978727-Apr-14 22:26
Member 1077978727-Apr-14 22:26 
QuestionCould you fix the horizontal scrolling problem? Pin
WREY30-Mar-05 8:19
WREY30-Mar-05 8:19 
AnswerRe: Could you fix the horizontal scrolling problem? Pin
dmihailescu30-Mar-05 9:29
dmihailescu30-Mar-05 9:29 
GeneralRe: Could you fix the horizontal scrolling problem? Pin
WREY30-Mar-05 9:49
WREY30-Mar-05 9:49 
Last Visit: 31-Dec-99 18:00     Last Update: 4-May-24 0:50Refresh1

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

Permalink
Advertise
Privacy
Cookies
Terms of Use
Layout: fixed | fluid

Posted 30 Mar 2005

Article Copyright 2005 by dmihailescu
Everything else Copyright © CodeProject, 1999-2024

Web02 2.8:2024-04-02:1