Microsoft Internet Security and Acceleration Server 2004 SDK |
The DigestAuthentication property gets or sets a Boolean value that indicates whether Digest authentication is used.
HRESULT get_DigestAuthentication( VARIANT_BOOL* pfDigestAuthentication ); HRESULT put_DigestAuthentication( VARIANT_BOOL fDigestAuthentication );
This property is read/write.
Digest authentication offers the same features as Basic authentication but involves a different way of transmitting the client's identity. The authentication credentials (the user name and password) pass through a one-way process, often referred to as hashing. The result of this process is a fixed-length value called a hash or digest, which is not feasibly decrypted—the original user name and password cannot be recovered from the hash value.
Additional information is added to the password before hashing so that no one can capture the password hash and use it to impersonate the true user. Values are added that help to identify the user, the user's computer, and the domain to which the user belongs. A time stamp is added to prevent a user from using a password after it has been revoked. This is an advantage over Basic authentication, because the password cannot be intercepted and used by an unauthorized person.
If this property is set to VARIANT_TRUE and the UseDigestSSP property of the IFPCWebProxy interface is set to VARIANT_TRUE, Advanced Digest authentication will be used instead of Digest authentication provided all the conditions for using Advanced Digest authentication are met.
Digest authentication can be enabled for a Web listener together with Basic authentication, Integrated authentication, and SSL certificate authentication.
The DigestAuthentication property gets or sets a Boolean value that indicates whether Digest authentication is used.
Property DigestAuthentication As Boolean
This property is read/write.
Digest authentication offers the same features as Basic authentication but involves a different way of transmitting the client's identity. The authentication credentials (the user name and password) pass through a one-way process, often referred to as hashing. The result of this process is a fixed-length value called a hash or digest, which is not feasibly decrypted—the original user name and password cannot be recovered from the hash value.
Additional information is added to the password before hashing so that no one can capture the password hash and use it to impersonate the true user. Values are added that help to identify the user, the user's computer, and the domain to which the user belongs. A time stamp is added to prevent a user from using a password after it has been revoked. This is an advantage over Basic authentication, because the password cannot be intercepted and used by an unauthorized person.
If this property is set to True and the UseDigestSSP property of the FPCWebProxy object is set to True, Advanced Digest authentication will be used instead of Digest authentication provided all the conditions for using Advanced Digest authentication are met.
Digest authentication can be enabled for a Web listener together with Basic authentication, Integrated authentication, and SSL certificate authentication.
Server: Requires Windows Server 2003 or
Windows 2000.
Version: Requires Internet Security and Acceleration
Server 2004.
Header: Declared in Msfpccom.idl.
Library: Use Microsoft Internet Security and Acceleration
Server 2004 Administration Library.