SSO handshake with Active directory

Question

I've done a small TCP/IP server which acts quite like an ftp server. On the client side, I'm using an API to connect and to exchange data against the server.

This server will be on an active-directory ecosystem, so the client.

What kind of API should I use to implement a SSO/AD authentication on my server ? (Everything is written in C)

I've seen that SqlServer is doing this through the Trusted connection term. Perhaps a simplier to do things ?

Should I lead to SSPI exchange loop ?

Answer 1

Yes, you need to init a security context from the client and accept that contect from the server, loop until the security context has been established. If you are concerned about your private, you can encrypt the entire traffic with Kerberos.