Skip to main content
ATL Server Library Reference 

Call this method to append authorization objects to an internal list used for negotiating protected server requests.

bool AddAuthObj(
   LPCTSTR szScheme,
   CAtlBaseAuthObject* pObject,
   IAuthInfo* pInfo = NULL 
) throw( );



A string containing a description of the authorization scheme supported by the object pointed to by pObject, such as "BASIC" or "NTLM".


A pointer to the authorization object.


An optional pointer to an IAuthInfo-derived class, which can be used to supply the user name, password, and domain name required for authorization.

Returns true on success, false on failure.

CAltHttpClientT uses the authorization objects added using this method when a 401 (Not Authorized) or 407 (Proxy Authorization Required) response is received as the result of a request. By default, authorization objects are used in the order that they were added, but CAtlHttpClientT::NegotiateAuth can be overridden to modify the way authorization negotiation occurs.

Custom authorization classes can be implemented by deriving from the CAtlBaseAuthObject class, but ATL Server provides authorization implementation classes for two popular security schemes: BASIC and NT LAN Manager (NTLM). See the CBasicAuthObject and CNTLMAuthObject classes, respectively, for more information.