The MyAuth Web filter sample is a Web filter that registers a new authentication scheme and performs the authentication in place of the Web proxy for every HTTP request. The authentication in the sample is not a true authentication. The filter asks for the user name, and when it receives the name, the user is considered authenticated.

After this sample registers the new authentication scheme with Forefront TMG, Forefront TMG Management must be restarted before the new authentication scheme will be displayed.

This sample is not intended to demonstrate secure, efficient memory allocation. Web filters should avoid allocating large amounts of memory in a single session or request so that resources will not be depleted in the event of a denial-of-service (DoS) attack. Web filters that accumulate data until a complete request is stored in memory should set a maximum total number of bytes that may be allocated for a single request. If this maximum number of bytes is significant, they should limit the time during which a request can be stored. In more advanced Web filters, quotas should be applied.

The Webresponsemodifier sample demonstrates how to allocate memory securely and efficiently. For more information about handling data in Web filters and other recommended best practices for developing Web filters, see Best Practices for Web Filters.

Send comments about this topic to Microsoft

Build date: 11/30/2009

© 2008 Microsoft Corporation. All rights reserved.