AuthentiX Extensibility SDK
The Authenticate method is called by AuthentiX when
the By COM option is set.
Authenticate should return
return 1 for success or an error code for authentication failure.
Visual C++ Syntax
long FAR* verify,
BSTR FAR* username,
BSTR FAR* password,
BSTR FAR* ipAddress,
BSTR FAR* userAgent,
BSTR FAR* referrer,
BSTR FAR* scriptName,
BSTR FAR* bstrUserString,
BSTR FAR* bstrqueryString,
BSTR FAR* bstrReserved2,
long FAR* longReserved1,
long FAR* longReserved2);
Visual Basic Syntax
Public Function Authenticate(
verifyArg As Long, _
username As String, _
password As String, _
ipAddress As String, _
userAgent As String, _
referrer As String, _
scriptName As String, _
UserString As String, _
bstrqueryString As String, _
bstrReserved2 As String, _
longReserved1 As Long, _
longReserved2 As Long) _
Usually you can ignore this parameter unless you need
it for keeping logs.
When using ODBC style username/password caching, you can
specify how long before a user must be verified against
the datasource, the default is 60 minutes.
The cache is inspected every minute, and
users that have not been active for more than 10 minutes
are removed from the cache. However if a user is active for
an extended period of time, another lookup is forced
to verify that the user is still valid.
To remove a username from the cache directly, use
The verify flag indicates whether this
is the first login (value = 1) or a verify (value = 2).
The username the website visitor has supplied.
The password the website visitor has supplied.
The IP Address from which the visitor is making the request.
The user agent (browser) the visitor is using,
The referring URL that brought the visitor to the requested page.
The path of the file being requested.
A string set in the COM Options dialog.
You can use this to set a per-directory parameter of your choice.
The query string of the request, if any (5.4c and above). Return value: username (see longReserved2)
REQUEST_METHOD (5.5m and above). Return value: password (see longReserved2)
5.8d and above: if the checkbox is checked, then ALL_HTTP is appended to the Request Method.
Reserved. Use for concurrency limit logins return value;
Reserved. If 1 is returned, then the return value of bstrqueryString
and bstrReserved2 are treated as the NT SAM username and password respectively.
This login information is used to impersonate that user on each request
(This is documented per a request for a custom upgrade, however since this
upgrade was never commissioned, this functionality is not implemented. ).
Return 1 for success
Return 3 if user not found
Return 6 if user found and wrong password
Return 9 if user found and expired
#define AUTHX_DENIED_EMPTY -2
#define AUTHX_DENIED_UNKNOWN_USER -3
#define AUTHX_DENIED_BAD_PASSWORD -6
#define AUTHX_DENIED_REFERRAL_BLOCK -4
#define AUTHX_DENIED_MULTI_BLOCKED -5
#define AUTHX_DENIED_EXPIRED -7
#define AUTHX_DENIED_ODBC_EXPIRED -9
#define AUTHX_DENIED_COOKIE_TIMED_OUT -10
#define AUTHX_DENIED_IP_BLOCK -11
#define AUTHX_DENIED_KBYTES -12
#define AUTHX_DENIED_REQUESTS -13
#define AUTHX_DENIED_SEQ_LOGINS -14
#define AUTHX_DENIED_FOOTPRINT -15
#define AUTHX_DENIED_DN_BLOCK -16
#define AUTHX_DENIED_UA_BLOCK -17
#define AUTHX_DENIED_DAP -18
#define AUTHX_DENIED_TIMED_OUT -19
If you return your own codes, please use the range 901-999.
Example projects for VC++ and VB are included with the product in the installation directory.
Back to Tutorial