This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Security Support Provider Interface
Security Support Provider Interface

Version management

Difference between version and

At line 1 added 33 lines
!!! Overview
[{$pagename}] ([SSPI]) is the foundation for [authentication] in [Windows Server 2003] and later [Microsoft Windows]. [{$pagename}] allows an [application] to use various security models available on a computer or network without changing the interface to the security system.
[{$pagename}] is the implementation of the Generic Security Service API [GSSAPI] in [Windows Server 2003].
The default [Security Support Providers] in [Windows Server 2003]/[Windows Server 2008] are plugged into the [SSPI] in the form of DLLs. Additional [SSPs] can be plugged in if they are interoperable with the [SSPI].
[{$pagename}] is the implementation of the [Generic Security Service Application Program Interface] ([GSSAPI]) in [Windows Servers]:
* [Kerberos SSP] ([SPNEGO|SPNEGO])
* [Kerberos SSP]
* [NTLM SSP]
* [Schannel SSP]
* [Digest SSP]
are plugged into the [SSPI] in the form of DLLs. Additional SSPs can be plugged in if they are interoperable with the [{$pagename}].
!! SSPI in [Authentication]
The SSPI in [Windows Server 2003] and later provides a mechanism that carries [authentication] [tokens] over the existing [protocol], thus eliminating the need for communicating parties to specify a network protocol for use during [authentication]. When two parties need to be authenticated so that they can communicate, the requests for [authentication] are routed to the [SSPI], which completes the [authentication] process, regardless of the network [protocol] currently in use.
Any [application] can make a request of the [SSPI]. Each of these requests goes through the [SSPI], for [example]:
* [Winlogon] sends requests to the [Local Security Authority], which obtains tickets to access the local computer.
* Internet Explorer obtains tickets to access information about a Web site.
* An [LDAP client|DUA] obtains tickets to enable access to information in an x500 directory, such as [Microsoft Active Directory].
!! SSPI-Architecture
A "Simple" diagram of [{$pagename}]
[{Image src='Security Support Provider Interface/SSPI-Architecture.png' caption='Topo Survey' align=left width=1024 height=500 style='font-size: 120%}].
\\
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop