May 16, 2013 at 12:25 PM
Edited May 16, 2013 at 1:00 PM
Sorry for the messy explanation, I have a hard time understanding it myself...
Anyway, this is the text (link
) describing the "CREDUI_FLAGS_ALWAYS_SHOW_UI"
"Specifies that a user interface will be shown even if the credentials can be returned from an existing credential in credential manager
. This flag is permitted only if CREDUI_FLAGS_GENERIC_CREDENTIALS is also specified."
This means that if the user has stored credentials "u" and "p1" in the Credential Manager but the correct password is "p" the first authentication attempt will fail and the if(!cred) condition will be triggered.
Now, if the user enters an incorrect password again ("p2") this password will be stored even it is incorrect but since it will not authenticate the jump to "reprompt" will be made.
Next time through the loop, since there are credentials stored, the dialog will not be shown but since the credentials still won't authenticate another jump to "reprompt" is made.
This results in an eternal loop!
I kind of like the way the credentials are stored even if authentication fails (there might be other reasons for authentication to fail than bad credentials) so I added the flag to always show the dialog to give the user the opportunity to break the loop.
Hope this makes more sense!