Microsoft Internet Security and Acceleration Server 2004 SDK

IFWXFirewall::CreatePrivateSession

The CreatePrivateSession method creates a private session object for a given client.

HRESULT CreatePrivateSession(
  LPSOCKADDR ClientAddress,
  DWORD ClientAddressLength,
  LPSOCKADDR ProxyInternalAddress,
  DWORD ProxyInternalAddressLength,
  IFWXAuthenticatedUser* AuthenticatedUser,
  IFWXSession** ppPrivateSession
);

Parameters

ClientAddress
[in] Pointer to a sockaddr structure that contains the address of the client for which the session object is needed.
ClientAddressLength
[in] Length, in bytes, of the structure pointed to by the ClientAddress parameter.
ProxyInternalAddress
[in] Pointer to a sockaddr structure that contains the internal address of the proxy used to communicate with the client.
ProxyInternalAddressLength
[in] Length, in bytes, of the structure pointed to by the ProxyInternalAddress parameter. On a multihomed computer, one with more than one internal interface, the filter uses this parameter to set which interface is to be used. Can be NULL, in which case the Microsoft Firewall service will select the internal interface.
AuthenticatedUser
[in] Pointer to an authenticated user object that will be used for impersonating the session's user. This parameter can be NULL, in which case only the client IP address will be used when processing rules.
ppPrivateSession
[out] Address of a parameter that receives a pointer to the IFWXSession interface on the newly created session.

Return Values

This method returns S_OK if the call is successful; otherwise, it returns an error code.

Remarks

A private session object allows a filter to use an application level authentication scheme.

Private sessions may be needed in outbound and inbound scenarios.

Outbound scenario: Session objects are created automatically for Firewall service or SecureNAT client requests, but not when an application connects to an internal address of the ISA Server computer through an application filter. A filter that acts as an application level proxy may have to create a private session object by using the IFWXFirewall::CreatePrivateSession method to have access to session dependent functions.

Inbound Scenario: Inbound primary connections can be directed to a SecureNAT client by using the IFWXFirewall::CreatePrivateSession or IFWXFirewall::GetClientSession method. Use IFWXFirewall::CreatePrivateSession when the inbound connection has been requested by an application, the SecureNAT client is not known by the Firewall service, and no session object has been created. Use the IFWXFirewall::GetClientSession method only if the filter can assert that the client is configured to be a SecureNAT client of that server.

Requirements

Server: Requires Windows Server 2003 or Windows 2000.
Version: Requires Internet Security and Acceleration Server 2004.
Header: Declared in Wspfwext.idl.

See Also

IFWXFirewall