ReturnAuthRequiredIfAuthUserDenied Property of IFPCWebListenerProperties

ReturnAuthRequiredIfAuthUserDenied ...

Microsoft Internet Security and Acceleration Server 2004/2006 SDK

ReturnAuthRequiredIfAuthUserDenied Property of IFPCWebListenerProperties[C++] | FPCWebListenerProperties.ReturnAuthRequiredIfAuthUserDenied [Visual Basic]

C++

The ReturnAuthRequiredIfAuthUserDenied property gets or sets a Boolean value that indicates whether to return a Proxy Authentication Required message when a user is authenticated by the ISA Server Web proxy but is denied access by the rules. By default, an access denied message is returned, and the user is not given the option of authenticating with different credentials.

HRESULT get_ReturnAuthRequiredIfAuthUserDenied(
  VARIANT_BOOL** pfReturnAuthRequiredIfAuthUserDenied );

HRESULT put_ReturnAuthRequiredIfAuthUserDenied(
  VARIANT_BOOL fReturnAuthRequiredIfAuthUserDenied );

Parameters

pfReturnAuthRequiredIfAuthUserDenied: Pointer to a Boolean variable that is set on return to VARIANT_TRUE if a Proxy Authentication Required message will be returned when a user is authenticated by the Web proxy but is denied access by the rules, or to VARIANT_FALSE if a Proxy Authentication Required message will not be returned when a user is authenticated by the Web proxy but is denied access by the rules.
fReturnAuthRequiredIfAuthUserDenied: Boolean value that indicates whether to return a Proxy Authentication Required message when a user is authenticated by the Web proxy but is denied access by the rules.

Return Values

These property methods return S_OK if the call is successful; otherwise, they return an error code.

Remarks

This property is read/write. Its default value is VARIANT_FALSE.

In the forward proxy scenario, when this property is set to VARIANT_TRUE, a user that is authenticated by the Web proxy but fails to pass the rules (for example, because they deny access to this user) receives HTTP error 407 (Proxy Authentication Required) and can try again using different credentials. If this property is set to VARIANT_FALSE (the default value), the user receives HTTP error 502 (Bad Gateway) with a resource denied error page and is not prompted again for credentials when the Web proxy denies access for a request. In the reverse proxy scenario, the corresponding HTTP errors are 401 (Unauthorized: Logon Failed) and 403 (Forbidden: Execute Access Forbidden).

This property cannot be accessed through ISA Server Management.

Visual Basic

Property ReturnAuthRequiredIfAuthUserDenied As Boolean

Property Value

Boolean value that indicates whether to return a Proxy Authentication Required message when a user is authenticated by the Web proxy but is denied access by the rules.

Remarks

This property is read/write. Its default value is False.

In the forward proxy scenario, when this property is set to True, a user that is authenticated by the Web proxy but fails to pass the rules (for example, because they deny access to this user) receives HTTP error 407 (Proxy Authentication Required) and can try again using different credentials. If this property is set to False (the default value), the user receives HTTP error 502 (Bad Gateway) with a resource denied error page and is not prompted again for credentials when the Web proxy denies access for a request. In the reverse proxy scenario, the corresponding HTTP errors are 401 (Unauthorized: Logon Failed) and 403 (Forbidden: Execute Access Forbidden).

This property cannot be accessed through ISA Server Management.

Example Code

This VBScript script sets the ReturnAuthRequiredIfAuthUserDenied property of the Internal network's Web listener to True or False according to the value supplied by the user.

 
'Define the constants needed
Const fpcInternalNetwork = 4

Main(WScript.Arguments)

Sub Main(args)

    Dim reqValue    ' A string
    Dim newValue    ' A Boolean
    
    If(1 <> args.Count) Then
        Usage()
    End If

    reqValue = UCase(args(0))
    If (reqValue = "TRUE" Or reqValue = "FALSE") Then
        If reqValue = "TRUE" Then
            newValue = True
        Else
            newValue = False
        End If
        SetNetworkReturnAuthReq newValue
    Else
        Usage()
    End If
End Sub

Sub SetNetworkReturnAuthReq(newValue)

    ' Declare the objects needed.
    Dim root          ' The FPCLib.FPC root object
    Dim isaArray      ' An FPCArray object
    Dim networks      ' An FPCNetworks collection
    Dim network       ' An FPCNetwork object
    Dim currentValue  ' A Boolean

    ' Create the root object.
    Set root = CreateObject("FPC.Root")

    ' Get references to the array object 
    ' and the networks collection.
    Set isaArray = root.GetContainingArray()
    Set networks = isaArray.NetworkConfiguration.Networks

    ' Find the Internal network and set the property
    ' for it.
    For Each network In networks
        If network.NetworkType = fpcInternalNetwork Then
            currentValue = network.WebListenerProperties.ReturnAuthRequiredIfAuthUserDenied
            WScript.Echo "Current value: " & currentValue
            If newValue <> currentValue Then
                network.WebListenerProperties.ReturnAuthRequiredIfAuthUserDenied = newValue
                WScript.Echo "New value: " _
                    & network.WebListenerProperties.ReturnAuthRequiredIfAuthUserDenied
                network.Save
                WScript.Echo "Done!" 
            End If
        End If
    Next
End Sub

Sub Usage()
    WScript.Echo "Usage:" & VbCrLf _
        & "  " & WScript.ScriptName & " {True | False}"
    WScript.Quit
End Sub

Requirements

Client	Requires Windows XP.
Server	Requires Windows Server 2003. Requires Windows Server 2003 or Windows 2000 for ISA Server 2004 Standard Edition.
Version	Requires Internet Security and Acceleration (ISA) Server 2006 or ISA Server 2004.
IDL	Declared in Msfpccom.idl.
DLL	Requires Msfpccom.dll.

Parameters

Return Values

Remarks

Property Value

Remarks

Example Code

Requirements

See Also