Applies to: desktop apps only

The Forefront TMG Web proxy includes a pointer to the HTTP_FILTER_AUTHENT structure in the notification that it sends to Web filters when it is ready to authenticate a user. If your filter should be notified for this event, it must register to receive SF_NOTIFY_AUTHENTICATION notifications. For more information about the types of event notifications that are sent to Web filters, see Event Notifications.

Note  When you are creating a Web filter for Forefront TMG, we recommend that you use WPX_FILTER_AUTHENT_EX rather than HTTP_FILTER_AUTHENT.


typedef struct _HTTP_FILTER_AUTHENT {
  CHAR  *pszUser;
  DWORD cbUserBuff;
  CHAR  *pszPassword;
  DWORD cbPasswordBuff;


  • pszUser
    Null-terminated string that specifies the user name for this request. An empty string indicates an anonymous user.

  • cbUserBuff
    The size of the buffer pointed to by pszUser. This is guaranteed to be at least SF_MAX_USERNAME.

  • pszPassword
    Null-terminated string that specifies the password for this request.

  • cbPasswordBuff
    The size of the buffer pointed to by pszPassword. This is guaranteed to be at least SF_MAX_PASSWORD.


When the server is about to authenticate the client, this structure is pointed to by the pvNotification parameter in the HttpFilterProc function when the notificationType parameter is SF_NOTIFY_AUTHENTICATION. The pszUser and pszPassword members contain the information sent by the client.

In the case of basic or RADIUS authentication, after exiting this notification, these values should represent a valid Windows user account and password. If another authentication method is used, the password value will not be available.


Minimum supported client

None supported

Minimum supported server

Windows Server 2008 R2, Windows Server 2008 with SP2 (64-bit only)


Forefront Threat Management Gateway (TMG) 2010



See also

Notification Structures



Build date: 7/12/2010