Authentication Packages

Dương Doãn Hà (KHN.SBU3) 0 Reputation points
2024-11-27T07:46:29.0266667+00:00

Hello,

I've done a custom credential provider(https://github.com/DavidWeiss2/windows-Credential-Provider-library). until now, I'm able to work well with it, but I need to change the credentials needed for the authentication (i.e. login in the user account without the password).

I believe that to achieve this, I need something outside the CP, a custom implementation of a SSP/AP dll.

As I understand, the LsaLogonUser function is gets as parameters the output of the getSerialization method from the CP, but this parameters include the passwor because LsaLogonUser compares it with the stored credentials to create a new logon session and returns a user token, so I think that I have to make also a custom implementation of LsaLogonUser that calls my own AP instead of the default (registered here:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Authentication Packages).

If any of my assumptions are wrong, please tell me, I'm specially insecure about the LsaLogonUser custom implementation.

What I want to know is if there is somewhere an example or more documentation about how to implement a custom SSP/AP, maybe some code (just like the microsoft example for CP), or if you could give me some light about what files do I need to create, where to register them and how to use them instead of the windows defaults.

In less words, I want to know what I have to do to be able to login without password (with a server call response for example).

Thank you very much for your help, I am a bit overwhelmed with this

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
5,571 questions
0 comments No comments
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.