Microsoft Internet Security and Acceleration Server 2004 SDK |
The SetADAuthenticatedUser callback function is used by Web filters to set the authenticated Windows user. This enables associating authenticated user information with the current request.
The SetADAuthenticatedUser callback function is declared as:
BOOL WINAPI * SetADAuthenticatedUser( struct _HTTP_FILTER_CONTEXT* pfc, LPSTR lpszUserName , LPSTR lpszPassword , HANDLE hToken );
The user token is received using the Security Support Provider Interface (SSPI) layer.
If there is a token, there is no need to pass the password. However, if the token field is NULL, you should provide the password. The user name must be provided if there is a token or if the token field is NULL.
After you provide the token handle to the function, you should close the token handle to prevent handle leaks.
Web filters call the SetADAuthenticatedUser function through a pointer that is a member of the WPX_FILTER_AUTHENT_EX structure. A pointer to this structure is passed in each call to the HttpFilterProc entry-point function when the Web proxy sends an SF_NOTIFY_AUTHENTICATION notification to the Web filters that are registered to receive this notification just before ISA Server authenticates a client. If the fAuthIsRequired member of the WPX_FILTER_AUTHENT_EX structure is set to FALSE, the call to SetADAuthenticatedUser succeeds, but the user specified is not set as an authenticated user.
Server: Requires Windows Server 2003 or
Windows 2000.
Version: Requires Internet Security and Acceleration
Server 2004.
Header: Declared in Wpxhttpfilt.h.