[This is preliminary documentation and subject to change.]
The vendor that implements the authentication protocol may also provide an interactive user interface (UI) for the protocol. The interactive UI may be implemented in the same DLL as the authentication protocol, or in a separate DLL. Also, the DLL that implements the interactive UI may support more than one authentication protocol. The path to the DLL for the interactive UI is stored in a registry value under the key for the authentication protocol. For more information about creating this registry value, see EAP Installation.
The DLL for the interactive UI should export entry points for the following functions:
The interactive UI allows the authentication protocol to obtain additional information from the user as needed during the course of the authentication session.
To display the interactive UI, the authentication protocol should set the fInvokeInteractiveUI member of the PPP_EAP_OUTPUT structure to TRUE. The authentication protocol may optionally set the pUIContextData and dwSizeOfUIContextData members as well. RAS will use the values of these members to pass context data to the interactive UI. The authentication protocol returns this PPP_EAP_OUTPUT as a parameter in the RasEapMakeMessage function.
RAS invokes the interactive UI by calling RasEapInvokeInteractiveUI. RAS passes the authentication protocol a pointer to the data returned by the interactive UI in the subsequent call to RasEapMakeMessage. The pointer is passed as a member of a PPP_EAP_INPUT structure. After RasEapMakeMessage returns, RAS will call RasEapFreeInteractiveUIData to free the memory occupied by the information. Therefore, the authentication protocol should copy the information into a private memory buffer during the call to RasMakeMessage.