DigestAuthentication Property of the IFPCWebListenerProperties Interface

The DigestAuthentication property gets or sets a Boolean value that indicates whether Digest authentication is used.

HRESULT put_DigestAuthentication(
	VARIANT_BOOL fDigestAuthentication
);
HRESULT get_DigestAuthentication(
	VARIANT_BOOL* pfDigestAuthentication
);

Property DigestAuthentication As Boolean

Remarks

This property is read/write. Its default value is False (VARIANT_FALSE in C++).

Digest authentication offers the same features as Basic authentication but involves a different way of transmitting the client's identity. The authentication credentials (the user name and password) pass through a one-way process, often referred to as hashing. The result of this process is a fixed-length value called a hash or digest, which is not feasibly decrypted—the original user name and password cannot be recovered from the hash value.

Additional information is added to the password before hashing so that no one can capture the password hash and use it to impersonate the true user. Values are added that help to identify the user, the user's computer, and the domain to which the user belongs. A time stamp is added to prevent a user from using a password after it has been revoked. This is an advantage over Basic authentication, because the password cannot be intercepted and used by an unauthorized person.

If this property is set to True (VARIANT_TRUE in C++) and the UseDigestSSP property of the FPCWebProxy object (IFPCWebProxy interface in C++) is set to True (VARIANT_TRUE in C++), Advanced Digest authentication will be used instead of Digest authentication provided all the conditions for using Advanced Digest authentication are met.

Digest authentication can be enabled for a Web listener together with Basic authentication, Integrated authentication, and SSL certificate authentication.

Requirements

See Also

FPCWebListenerProperties

Send comments about this topic to Microsoft

Build date: 11/30/2009