Back to product page

UseNTAuthentication property


Determines if native NT authentication is used for user's access.

Type

Boolean

Syntax

  • Basic
object.UseNTAuthentication [= value]
The UseNTAuthentication(object,value) syntax has these parts:
objectAn expression evaluating to an object of type WebUser
valueA Boolean value.

Remarks

This property allows you to let your OS determine if client supplied valid login/password/domain combination and therefore he can access your system. When set to True (from inside UserAuthenticate event), you CAN check if provided Login/Password/Domain and allow access if you want to - but you can also ignore that event (just set this property to True).

wodWebServer can authenticate user even using NT domain controller - it depends on your OS handles authentication, based on Domain property setting. Authentication will work both for AuthBasic and AuthNTLM authentication values. For example, idea is to allow user 'joe' with password 'joe' to connect as guest to local system. There is no 'joe' account defined on the system - but it is not important at all. You will check by yourself if user enter proper login and password, and then just give control to wodWebServer to give guest credentials to the client.

For example, you could use code like this:
 
Private Sub Http1_UserAuthenticate(ByVal User As WODWEBSERVERCOMLib.IWebUser, ByVal AuthType As WODWEBSERVERCOMLib.WebAuthenticationTypes, Action As WODWEBSERVERCOMLib.WebActions)
 If Login = "joe" And Password = "joe" Then
   Action = Allow
   User.UseNTAuthentication = True
   User.Login = "guest"
   User.Password = "guestpassword"
 Else
   Action = Deny
 End If
End Sub
 

and if valid login and pass are entered - you will provide proper account credentials to the system to login him as guest.

Also, you don't have to check login and password at all, let OS do it for you. Use code like this:
 
Private Sub Http1_UserAuthenticate(ByVal User As WODWEBSERVERCOMLib.IWebUser, ByVal AuthType As WODWEBSERVERCOMLib.WebAuthenticationTypes, Action As WODWEBSERVERCOMLib.WebActions)
 Action = Allow
 User.UseNTAuthentication = True
End Sub
 

don't think this will let everyone to connect (because we Allowed access). This only means you will allow system to check provided Login and Password (they are already stored as User.Login and User.Password properties. You can optionally set User.Domain if you want to test credentials using your domain controller. That's all!

WARNING: To use this option on Win2000 and higher, you have to set special privileges for user who is running wodWebServer. To be more precise, user must have:
"Act as part of the operating system" (SeTcbPrivilege)
"Increase quotas" (SeIncreaseQuotasPrivilege)
"Replace a process-level token" (SeAssignPrimaryTokenPrivilege)
 to set these privileges for yourself, open Control Panel, Administrative Tools, Local Security Policy, User Rights Assignment and add yourself in 'Security Setting' field.

Platforms

Windows