IFtpAuthenticationProvider::AuthenticateUser Method

IIS 7.0
 

Checks to see whether a user name and password are valid.

AuthenticateUser(  
   LPWSTR pszSessionId,  
   LPWSTR pszSiteName,  
   LPWSTR pszUserName,  
   LPWSTR pszPassword,  
   LPWSTR * ppszCanonicalUserName,  
   long * pfAuthenticated  
)  

Parameters

TermDefinition
pszSessionIdA pointer to a string that contains the session ID.
pszSiteNameA pointer to a string that contains the site name.
pszUserNameA pointer to a string that contains the user name.
pszPasswordA pointer to a string that contains the password.
ppszCanonicalUserNameA pointer to a string that will contain the canonical name of the user.
pfAuthenticatedA pointer to a long integer that will contain true if the user is authenticated; otherwise, false.

An HRESULT. Possible values include, but are not limited to, those in the following table.

ValueDescription
S_OKIndicates that the operation was successful.

The ppszCanonicalUserName parameter can be used to canonicalize user names; the suggested canonical form is domain\user because previous versions of IIS FTP servers required the user name to be in the domain\user form.

A Windows authentication-based provider cannot be implemented with this method because that form of authentication does not allow user tokens to be returned.

The following code example illustrates how to use the IFtpAuthenticationProvider interface to create a custom authentication module for the FTP service that implements user name checks.

public:  
   STDMETHOD(AuthenticateUser)(LPWSTR pszSessionId,  
      LPWSTR pszSiteName,  
      LPWSTR pszUserName,  
      LPWSTR pszPassword,  
      LPWSTR * ppszCanonicalUserName,  
      long * pfAuthenticated)  
      {  
      // Note: You would add your own custom logic here.  
      *ppszCanonicalUserName = pszUserName;  
  
      CString strUserName = L"MyUser";  
      CString strPassword = L"MyPassword";  
  
      // Verify that the user name and password are valid.  
      // In this example, the user name is case-insensitive  
      // and the password is case-sensitive.  
      if ((strUserName.CompareNoCase(pszUserName)==0) &&  
          (strPassword.Compare(pszPassword)==0))  
      {  
         *pfAuthenticated = TRUE;  
      }  
      else  
      {  
         *pfAuthenticated = FALSE;  
   }  
      return S_OK;  
   }  

TypeDescription
Client- IIS 7.5 on Windows 7
- IIS 8.0 on Windows 8
- IIS 10.0 on Windows 10
Server- IIS 7.5 on Windows Server 2008 R2
- IIS 8.0 on Windows Server 2012
- IIS 8.5 on Windows Server 2012 R2
- IIS 10.0 on Windows Server 2016 Technical Preview
Product- IIS 7.0, IIS 7.5, IIS 8.0, IIS 8.5, IIS 10.0
Referenceftpext.tlb

IFtpAuthenticationProvider Interface

Show: