You can configure which authentication method to use. You can configure different authentication methods for incoming Web requests and for outgoing Web requests.
Forefront TMG supports the following built-in Windows authentication methods:
Forefront TMG provides predefined authentication schemes that are defined by FPCAuthenticationScheme objects for authentication. The following authentication schemes are supplied with Forefront TMG:
Forefront TMG also supports third-party authentication schemes that are registered with Web filters. For more information about third-party authentication schemes, see the reference page for the FPCAuthenticationScheme object.
Microsoft Internet Explorer 7, Internet Explorer 6, and Internet Explorer 5 support all the authentication methods. Other Web browsers may support only Basic authentication. Be sure that the client Web browsers can use at least one of the authentication methods that you specify in the incoming Web request properties and outgoing Web request properties. Otherwise, the client will not be able to access the requested object.
The authentication method used for a Web request is determined by properties (FPCWebListenerProperties) of the applicable Web listener and by the UseDigestSSP property of the FPCWebProxy object. A Web listener can be configured to use any of the built-in Windows authentication methods supported by Forefront TMG or any combination of these methods to authenticate Web requests. Alternatively, a Web listener for incoming Web requests can be configured to use an authentication scheme defined by an FPCAuthenticationScheme object for authentication. Basic authentication can be combined with the LDAP or RADIUS authentication schemes. However, the Web listener for outgoing Web requests sent from a network can be configured to use only the built-in Windows authentication methods or the RADIUS authentication scheme.
Build date: 11/30/2009
© 2008 Microsoft Corporation. All rights reserved.