IFPCWebListenerProperties::ReturnAuthRequiredIfAuthUserDenied property
Applies to: desktop apps only
The ReturnAuthRequiredIfAuthUserDenied property gets or sets a Boolean value that indicates whether to return a Proxy Authentication Required message when a user is authenticated by the Forefront TMG Web proxy but is denied access by the rules. By default, an access denied message is returned, and the user is not given the option of authenticating with different credentials.
This property is read/write.
Syntax
HRESULT put_ReturnAuthRequiredIfAuthUserDenied(
VARIANT_BOOL fReturnAuthRequiredIfAuthUserDenied
);
HRESULT get_ReturnAuthRequiredIfAuthUserDenied(
VARIANT_BOOL **pfReturnAuthRequiredIfAuthUserDenied
);
' Data type: Boolean
Property ReturnAuthRequiredIfAuthUserDenied( _
ByVal fReturnAuthRequiredIfAuthUserDenied As VARIANT_BOOL, _
ByVal pfReturnAuthRequiredIfAuthUserDenied As VARIANT_BOOL _
) As Boolean
Property value
Boolean value that indicates whether to return a Proxy Authentication Required message when a user is authenticated by the Web proxy but is denied access by the rules.
Error codes
These property methods return S_OK if the call is successful; otherwise, they return an error code.
Remarks
This property is read/write. Its default value is False (VARIANT_FALSE in C++).
In the forward proxy scenario, when this property is set to True (VARIANT_TRUE in C++), a user that is authenticated by the Web proxy but fails to pass the rules (for example, because they deny access to this user) receives HTTP error 407 (Proxy Authentication Required) and can try again using different credentials. If this property is set to False (VARIANT_FALSE in C++) (the default value), the user receives HTTP error 502 (Bad Gateway) with a resource denied error page and is not prompted again for credentials when the Web proxy denies access for a request. In the reverse proxy scenario, the corresponding HTTP errors are 401 (Unauthorized: Logon Failed) and 403 (Forbidden: Execute Access Forbidden).
This property cannot be accessed through Forefront TMG Management.
Examples
This VBScript script sets the ReturnAuthRequiredIfAuthUserDenied property of the Internal network's Web listener to True or False according to the value supplied by the user.
'Define the constants needed
Const fpcInternalNetwork = 4
Main(WScript.Arguments)
Sub Main(args)
Dim reqValue ' A string
Dim newValue ' A Boolean
If(1 <> args.Count) Then
Usage()
End If
reqValue = UCase(args(0))
If (reqValue = "TRUE" Or reqValue = "FALSE") Then
If reqValue = "TRUE" Then
newValue = True
Else
newValue = False
End If
SetNetworkReturnAuthReq newValue
Else
Usage()
End If
End Sub
Sub SetNetworkReturnAuthReq(newValue)
' Declare the objects needed.
Dim root ' The FPCLib.FPC root object
Dim isaArray ' An FPCArray object
Dim networks ' An FPCNetworks collection
Dim network ' An FPCNetwork object
Dim currentValue ' A Boolean
' Create the root object.
Set root = CreateObject("FPC.Root")
' Get references to the array object
' and the networks collection.
Set isaArray = root.GetContainingArray()
Set networks = isaArray.NetworkConfiguration.Networks
' Find the Internal network and set the property
' for it.
For Each network In networks
If network.NetworkType = fpcInternalNetwork Then
currentValue = network.WebListenerProperties.ReturnAuthRequiredIfAuthUserDenied
WScript.Echo "Current value: " & currentValue
If newValue <> currentValue Then
network.WebListenerProperties.ReturnAuthRequiredIfAuthUserDenied = newValue
WScript.Echo "New value: " _
& network.WebListenerProperties.ReturnAuthRequiredIfAuthUserDenied
network.Save
WScript.Echo "Done!"
End If
End If
Next
End Sub
Sub Usage()
WScript.Echo "Usage:" & VbCrLf _
& " " & WScript.ScriptName & " {True | False}"
WScript.Quit
End Sub
Requirements
Minimum supported client |
Windows Vista |
Minimum supported server |
Windows Server 2008 R2, Windows Server 2008 with SP2 (64-bit only) |
Version |
Forefront Threat Management Gateway (TMG) 2010 |
IDL |
Msfpccom.idl |
DLL |
Msfpccom.dll |
See also
Build date: 7/12/2010