HTTP_FILTER_AUTHENT

IIS includes a pointer to this structure when it is authenticating a user with either anonymous or Basic authentication schemes. If your filter should be notified for this event, it should register for the SF_NOTIFY_AUTHENTICATION event.

typedef struct _HTTP_FILTER_AUTHENT
{
    CHAR *    pszUser;
    DWORD     cbUserBuff;
    CHAR *    pszPassword;
    DWORD     cbPasswordBuff;
} HTTP_FILTER_AUTHENT, *PHTTP_FILTER_AUTHENT;
 

Members

pszUser
[in/out] Points to a string containing the user name for this request. An empty string indicates an anonymous user.
cbUserBuff
[in] The size of the buffer pointed to by pszUser. This is guaranteed to be at least SF_MAX_USERNAME.
pszPassword
[in/out] Points to a string containing the password for this request.
cbPasswordBuff
[in] The size of the buffer pointed to by pszPassword. This is guaranteed to be at least SF_MAX_PASSWORD.

Remarks

When the server is about to authenticate the client, this structure is pointed to by the pvNotification parameter in the HttpFilterProc function when the notificationType parameter is SF_NOTIFY_AUTHENTICATION. This can be used to implement a different authentication scheme. The pszUser and pszPassword members contain the information sent by the client. After exiting this function, these values must represent a valid Windows NTŪ user account and password. IIS will then impersonate this account in order to gain access to resources. If the authentication method used is NTLM the password value will not be available.

See Also

HttpFilterProc