WINHTTP authentication

Updated: February 1, 2010

Applies To: Unified Access Gateway

You can authenticate users in Forefront Unified Access Gateway (UAG) using WINHTTP authentication.

The WINHTTP authentication scheme checks users' credentials as follows:

  • You assign a URL of a Web page that requires users to authenticate using an HTTP 401 request.

  • The web server you define checks if the user is authorized to access the requested URL. Only users that are authorized to access the URL are considered authenticated.

WINHTTP authentication flow

The following figure illustrates the authentication process users pass through when the WINHTTP authentication scheme is implemented.

WINHTTP Authentication Flow

bba2df95-4484-4a9e-95fb-1944d795f23c

Note

The flow allows for three login attempts, after which login failure is final. The actual number of login attempts users are allowed is configurable.