117 lines
10 KiB
Plaintext
117 lines
10 KiB
Plaintext
|
unit IdResourceStringsSSPI;
|
||
|
|
||
|
interface
|
||
|
|
||
|
resourcestring
|
||
|
//SSPI Authentication
|
||
|
{
|
||
|
Note: CompleteToken is an API function Name:
|
||
|
}
|
||
|
RSHTTPSSPISuccess = 'Successfull API call';
|
||
|
RSHTTPSSPINotEnoughMem = 'Not enough memory is available to complete this request';
|
||
|
RSHTTPSSPIInvalidHandle = 'The handle specified is invalid';
|
||
|
RSHTTPSSPIFuncNotSupported = 'The function requested is not supported';
|
||
|
RSHTTPSSPIUnknownTarget = 'The specified target is unknown or unreachable';
|
||
|
RSHTTPSSPIInternalError = 'The Local Security Authority cannot be contacted';
|
||
|
RSHTTPSSPISecPackageNotFound = 'The requested security package does not exist';
|
||
|
RSHTTPSSPINotOwner = 'The caller is not the owner of the desired credentials';
|
||
|
RSHTTPSSPIPackageCannotBeInstalled = 'The security package failed to initialize, and cannot be installed';
|
||
|
RSHTTPSSPIInvalidToken = 'The token supplied to the function is invalid';
|
||
|
RSHTTPSSPICannotPack = 'The security package is not able to marshall the logon buffer, so the logon attempt has failed';
|
||
|
RSHTTPSSPIQOPNotSupported = 'The per-message Quality of Protection is not supported by the security package';
|
||
|
RSHTTPSSPINoImpersonation = 'The security context does not allow impersonation of the client';
|
||
|
RSHTTPSSPILoginDenied = 'The logon attempt failed';
|
||
|
RSHTTPSSPIUnknownCredentials = 'The credentials supplied to the package were not recognized';
|
||
|
RSHTTPSSPINoCredentials = 'No credentials are available in the security package';
|
||
|
RSHTTPSSPIMessageAltered = 'The message or signature supplied for verification has been altered';
|
||
|
RSHTTPSSPIOutOfSequence = 'The message supplied for verification is out of sequence';
|
||
|
RSHTTPSSPINoAuthAuthority = 'No authority could be contacted for authentication.';
|
||
|
RSHTTPSSPIContinueNeeded = 'The function completed successfully, but must be called again to complete the context';
|
||
|
RSHTTPSSPICompleteNeeded = 'The function completed successfully, but CompleteToken must be called';
|
||
|
RSHTTPSSPICompleteContinueNeeded = 'The function completed successfully, but both CompleteToken and this function must be called to complete the context';
|
||
|
RSHTTPSSPILocalLogin = 'The logon was completed, but no network authority was available. The logon was made using locally known information';
|
||
|
RSHTTPSSPIBadPackageID = 'The requested security package does not exist';
|
||
|
RSHTTPSSPIContextExpired = 'The context has expired and can no longer be used.';
|
||
|
RSHTTPSSPIIncompleteMessage = 'The supplied message is incomplete. The signature was not verified.';
|
||
|
RSHTTPSSPIIncompleteCredentialNotInit = 'The credentials supplied were not complete, and could not be verified. The context could not be initialized.';
|
||
|
RSHTTPSSPIBufferTooSmall = 'The buffers supplied to a function was too small.';
|
||
|
RSHTTPSSPIIncompleteCredentialsInit = 'The credentials supplied were not complete, and could not be verified. Additional information can be returned from the context.';
|
||
|
RSHTTPSSPIRengotiate = 'The context data must be renegotiated with the peer.';
|
||
|
RSHTTPSSPIWrongPrincipal = 'The target principal name is incorrect.';
|
||
|
RSHTTPSSPINoLSACode = 'There is no LSA mode context associated with this context.';
|
||
|
RSHTTPSSPITimeScew = 'The clocks on the client and server machines are skewed.';
|
||
|
RSHTTPSSPIUntrustedRoot = 'The certificate chain was issued by an untrusted authority.';
|
||
|
RSHTTPSSPIIllegalMessage = 'The message received was unexpected or badly formatted.';
|
||
|
RSHTTPSSPICertUnknown = 'An unknown error occurred while processing the certificate.';
|
||
|
RSHTTPSSPICertExpired = 'The received certificate has expired.';
|
||
|
RSHTTPSSPIEncryptionFailure = 'The specified data could not be encrypted.';
|
||
|
RSHTTPSSPIDecryptionFailure = 'The specified data could not be decrypted.';
|
||
|
RSHTTPSSPIAlgorithmMismatch = 'The client and server cannot communicate, because they do not possess a common algorithm.';
|
||
|
RSHTTPSSPISecurityQOSFailure = 'The security context could not be established due to a failure in the requested quality of service (e.g. mutual authentication or delegation).';
|
||
|
RSHTTPSSPISecCtxWasDelBeforeUpdated = 'A security context was deleted before the context was completed. This is considered a logon failure.';
|
||
|
RSHTTPSSPIClientNoTGTReply = 'The client is trying to negotiate a context and the server requires user-to-user but didn''t send a TGT reply.';
|
||
|
RSHTTPSSPILocalNoIPAddr = 'Unable to accomplish the requested task because the local machine does not have any IP addresses.';
|
||
|
RSHTTPSSPIWrongCredHandle = 'The supplied credential handle does not match the credential associated with the security context.';
|
||
|
RSHTTPSSPICryptoSysInvalid = 'The crypto system or checksum function is invalid because a required function is unavailable.';
|
||
|
RSHTTPSSPIMaxTicketRef = 'The number of maximum ticket referrals has been exceeded.';
|
||
|
RSHTTPSSPIMustBeKDC = 'The local machine must be a Kerberos KDC (domain controller) and it is not.';
|
||
|
RSHTTPSSPIStrongCryptoNotSupported = 'The other end of the security negotiation is requires strong crypto but it is not supported on the local machine.';
|
||
|
RSHTTPSSPIKDCReplyTooManyPrincipals = 'The KDC reply contained more than one principal name.';
|
||
|
RSHTTPSSPINoPAData = 'Expected to find PA data for a hint of what etype to use, but it was not found.';
|
||
|
RSHTTPSSPIPKInitNameMismatch = 'The client certificate does not contain a valid UPN, or does not match the client name in the logon request. Please contact your administrator.';
|
||
|
RSHTTPSSPISmartcardLogonReq = 'Smartcard logon is required and was not used.';
|
||
|
RSHTTPSSPISysShutdownInProg = 'A system shutdown is in progress.';
|
||
|
RSHTTPSSPIKDCInvalidRequest = 'An invalid request was sent to the KDC.';
|
||
|
RSHTTPSSPIKDCUnableToRefer = 'The KDC was unable to generate a referral for the service requested.';
|
||
|
RSHTTPSSPIKDCETypeUnknown = 'The encryption type requested is not supported by the KDC.';
|
||
|
RSHTTPSSPIUnsupPreauth = 'An unsupported preauthentication mechanism was presented to the Kerberos package.';
|
||
|
RSHTTPSSPIDeligationReq = 'The requested operation cannot be completed. The computer must be trusted for delegation and the current user account must be configured to allow delegation.';
|
||
|
RSHTTPSSPIBadBindings = 'Client''s supplied SSPI channel bindings were incorrect.';
|
||
|
RSHTTPSSPIMultipleAccounts = 'The received certificate was mapped to multiple accounts.';
|
||
|
RSHTTPSSPINoKerbKey = 'SEC_E_NO_KERB_KEY';
|
||
|
RSHTTPSSPICertWrongUsage = 'The certificate is not valid for the requested usage.';
|
||
|
RSHTTPSSPIDowngradeDetected = 'The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you.';
|
||
|
RSHTTPSSPISmartcardCertRevoked = 'The smartcard certificate used for authentication has been revoked. Please contact your system administrator. There may be additional information in the event log.';
|
||
|
RSHTTPSSPIIssuingCAUntrusted = 'An untrusted certificate authority was detected While processing the smartcard certificate used for authentication. Please contact your system administrator.';
|
||
|
RSHTTPSSPIRevocationOffline = 'The revocation status of the smartcard certificate used for authentication could not be determined. Please contact your system administrator.';
|
||
|
RSHTTPSSPIPKInitClientFailure = 'The smartcard certificate used for authentication was not trusted. Please contact your system administrator.';
|
||
|
RSHTTPSSPISmartcardExpired = 'The smartcard certificate used for authentication has expired. Please contact your system administrator.';
|
||
|
RSHTTPSSPINoS4UProtSupport = 'The Kerberos subsystem encountered an error. A service for user protocol request was made against a domain controller which does not support service for user.';
|
||
|
RSHTTPSSPICrossRealmDeligationFailure = 'An attempt was made by this server to make a Kerberos constrained delegation request for a target outside of the server''s realm. This is not supported, and indicates a misconfiguration on this server''s allowed'+
|
||
|
' to delegate to list. Please contact your administrator.';
|
||
|
RSHTTPSSPIRevocationOfflineKDC = 'The revocation status of the domain controller certificate used for smartcard authentication could not be determined. There is additional information in the system event log. Please contact your system administrator.';
|
||
|
RSHTTPSSPICAUntrustedKDC = 'An untrusted certificate authority was detected while processing the domain controller certificate used for authentication. There is additional information in the system event log. Please contact your system administrator.';
|
||
|
RSHTTPSSPIKDCCertExpired = 'The domain controller certificate used for smartcard logon has expired. Please contact your system administrator with the contents of your system event log.';
|
||
|
RSHTTPSSPIKDCCertRevoked = 'The domain controller certificate used for smartcard logon has been revoked. Please contact your system administrator with the contents of your system event log.';
|
||
|
RSHTTPSSPISignatureNeeded = 'A signature operation must be performed before the user can authenticate.';
|
||
|
RSHTTPSSPIInvalidParameter = 'One or more of the parameters passed to the function was invalid.';
|
||
|
RSHTTPSSPIDeligationPolicy = 'Client policy does not allow credential delegation to target server.';
|
||
|
RSHTTPSSPIPolicyNTLMOnly = 'Client policy does not allow credential delegation to target server with NLTM only authentication.';
|
||
|
RSHTTPSSPINoRenegotiation = 'The recipient rejected the renegotiation request.';
|
||
|
RSHTTPSSPINoContext = 'The required security context does not exist.';
|
||
|
RSHTTPSSPIPKU2UCertFailure = 'The PKU2U protocol encountered an error while attempting to utilize the associated certificates.';
|
||
|
RSHTTPSSPIMutualAuthFailed = 'The identity of the server computer could not be verified.';
|
||
|
RSHTTPSSPIUnknwonError = 'Unknown error';
|
||
|
{
|
||
|
Note to translators - the parameters for the next message are below:
|
||
|
|
||
|
Failed Function Name
|
||
|
Error Number
|
||
|
Error Number
|
||
|
Error Message by Number
|
||
|
}
|
||
|
|
||
|
RSHTTPSSPIErrorMsg = 'SSPI %s returns error #%d(0x%x): %s';
|
||
|
|
||
|
RSHTTPSSPIInterfaceInitFailed = 'SSPI interface has failed to initialise properly';
|
||
|
RSHTTPSSPINoPkgInfoSpecified = 'No PSecPkgInfo specified';
|
||
|
RSHTTPSSPINoCredentialHandle = 'No credential handle acquired';
|
||
|
RSHTTPSSPICanNotChangeCredentials = 'Can not change credentials after handle aquired. Use Release first';
|
||
|
RSHTTPSSPIUnknwonCredentialUse = 'Unknown credentials use';
|
||
|
RSHTTPSSPIDoAuquireCredentialHandle = 'Do AcquireCredentialsHandle first';
|
||
|
RSHTTPSSPICompleteTokenNotSupported = 'CompleteAuthToken is not supported';
|
||
|
|
||
|
implementation
|
||
|
|
||
|
end.
|