If a client requests authentication services:
The client validates the login with the security mechanism and receives a credential, which contains relevant security information.
The client sends the credential to the server and informs the server it wants to establish a secure connection.
The server authenticates the client’s credential with the security mechanism. If the credential is not valid, the secure connection is rejected.
The server checks message protection properties, if the properties are compatible, the connection is established.