Graphical identification and authentication


Graphical identification and authentication

The graphical identification and authentication (GINA) library is a component of some Microsoft Windows operating systems that provides secure authentication and interactive logon services.

GINA is a dynamically linked library that is loaded in the context of the Winlogon process when the machine is started. It is responsible for handling the secure attention sequence, typically Control-Alt-Delete, and interacting with the user when this sequence is received. GINA is also responsible for starting initial processes for a user (such as the Windows Shell) when they first log on.

In Windows Vista, GINA has been entirely replaced by Credential Providers, which allow for significantly increased flexibility in supporting multiple credential collection methods. GINA libraries do not work with Windows Vista.

Overview

A default GINA library, MSGINA.DLL, is provided by Microsoft as part of the operating system, and offers the following features:
*Authentication against Windows domain servers with a supplied user name/password combination.
*Displaying of a legal notice to the user prior to presenting the logon prompt.
*Automatic Logon, allowing for a user name and password to be stored and used in place of an interactive logon prompt. Automatic logon can also be configured to execute only a certain number of times before reverting to interactive logon. In older versions of Windows NT, the password could only be stored in plain text in the registry; support for using the Local Security Authority's private storage capabilities was introduced in Windows NT 4.0 Workstation Service Pack 3 and Windows NT Server 3.51.
*"Security Options" dialog when the user is logged on, which provides options to shut down, log off, change the password, start the Task Manager, and lock the workstation.

Winlogon can be configured to use a different GINA, providing for non-standard authentication methods such as smart card readers or identification based on biometrics, or to provide an alternate visual interface to the default GINA. Developers who implement a replacement GINA are required to provide implementations for a set of API calls which cover functionality such as displaying a "workstation locked" dialog, processing the secure attention sequence in various user states, responding to queries as to whether or not locking the workstation is an allowed action, supporting the collection of user credentials on Terminal Services-based connections, and interacting with a screensaver. A custom GINA could be made entirely from scratch, or just be the original GINA with modifications. A custom GINA can be specified by placing a string named GinaDLL in the registry location HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon. The Winlogon component is solely responsible for calling these APIs in the GINA library.

When the Winlogon process starts, it compares its version number to that which is supported by the loaded GINA library. If the GINA library is of a higher version than Winlogon, Windows will not boot. This is done because a GINA library written for a given version of Winlogon will expect a certain set of API calls to be provided by Winlogon.

Support for replaceable GINA DLLs was introduced with Windows NT Server 3.51 and Windows NT Workstation 4.0 SP3. Successive versions of Windows have introduced additional functionality into Winlogon, resulting in additional functionality that can be implemented by a replacement GINA. Windows 2000, for example, introduced support for displaying status windows about the current state to the user (e.g. "Applying computer settings..."), and starting applications in the user's context; this facilitates restarting Windows Explorer automatically if it crashes, as well as starting the Task Manager. Windows XP introduced some support for Remote Desktop and a more interactive simplified full-screen logon.

ee also

* List of Microsoft Windows components
* Winlogon
* Windows NT Startup Process

External links

* [http://msdn.microsoft.com/en-us/library/aa380543.aspx Winlogon and GINA] , developer information on how the login components interact
* [http://msdn.microsoft.com/en-us/magazine/cc163803.aspx Customizing GINA Part 1] , Developer tutorial for writing a custom GINA.
* [http://msdn.microsoft.com/en-us/magazine/cc163786.aspx Customizing GINA Part 2] , Developer tutorial for writing a custom GINA.
* [http://www.pgina.org/ pGINA.org] - Home of a free GPL'ed GINA with Plug-ins


Wikimedia Foundation. 2010.

Look at other dictionaries:

  • Graphical Identification And Authentication — La bibliothèque d authentification et d identification graphique (en anglais : graphical identification and authentication ou GINA) est un composant des plusieurs systèmes d exploitation Microsoft Windows fournissant des services d… …   Wikipédia en Français

  • Graphical identification and authentication — La bibliothèque d authentification et d identification graphique (en anglais : graphical identification and authentication ou GINA) est un composant des plusieurs systèmes d exploitation Microsoft Windows fournissant des services d… …   Wikipédia en Français

  • Security and safety features new to Windows Vista — There are a number of security and safety features new to Windows Vista, most of which are not available in any prior Microsoft Windows operating system release.Beginning in early 2002 with Microsoft s announcement of their Trustworthy Computing… …   Wikipedia

  • List of computing and IT abbreviations — This is a list of computing and IT acronyms and abbreviations. Contents: 0–9 A B C D E F G H I J K L M N O P Q R S T U V W X Y …   Wikipedia

  • Abkürzungen/Computer — Dies ist eine Liste technischer Abkürzungen, die im IT Bereich verwendet werden. A [nach oben] AA Antialiasing AAA authentication, authorization and accounting, siehe Triple A System AAC Advanced Audio Coding AACS …   Deutsch Wikipedia

  • Liste der Abkürzungen (Computer) — Dies ist eine Liste technischer Abkürzungen, die im IT Bereich verwendet werden. A [nach oben] AA Antialiasing AAA authentication, authorization and accounting, siehe Triple A System AAC Advanced Audio Coding AACS …   Deutsch Wikipedia

  • Liste von Abkürzungen (Computer) — Dies ist eine Liste technischer Abkürzungen, die im IT Bereich verwendet werden. Inhaltsverzeichnis A B C D E F G H I J K L M N O P Q R S T U V W X Y Z siehe auch: Liste von Dateiendu …   Deutsch Wikipedia

  • Winlogon — est un composant de Windows qui gère l ouverture et la fermeture de session, et le Ctrl Alt Delete. En particulier, il charge le profil d un utilisateur après qu il s est authentifié il gère l écran de veille ; sur le retour au mode normal,… …   Wikipédia en Français

  • Gina — may refer to: * Gina from Wisconsinenjoys Bikes and danking all around the world* A computer acronym, GINA (all caps) may refer to the Graphical Identification and Authentication dynamic link library (DLL). The [http://msdn.microsoft.com/en… …   Wikipedia

  • Processus de demarrage de Windows NT — Processus de démarrage de Windows NT Le processus de démarrage de Windows NT est le processus par lequel Windows 3.1, 3.5, 4.0, 2000, XP, et 2003 s initialisent. Pour Windows Vista (NT 6.0) et les successeurs, le processus est substantiellement… …   Wikipédia en Français


Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”

We are using cookies for the best presentation of our site. Continuing to use this site, you agree with this.