2.2.79 FW_AUTH_INFO

This structure contains information on the local and remote hosts that resulted from the authentication methods performed between them.

 typedef struct _tag_FW_AUTH_INFO {
   [range(FW_AUTH_METHOD_INVALID + 1, FW_AUTH_METHOD_MAX)]
     FW_AUTH_METHOD AuthMethod;
   [switch_type(FW_AUTH_METHOD), switch_is(AuthMethod)]
     union {
     [case(FW_AUTH_METHOD_MACHINE_CERT, FW_AUTH_METHOD_USER_CERT)]
       struct {
         FW_CERT_INFO MyCert;
         FW_CERT_INFO PeerCert;
       };
     [case(FW_AUTH_METHOD_MACHINE_KERB, FW_AUTH_METHOD_USER_KERB, FW_AUTH_METHOD_MACHINE_NEGOEX, FW_AUTH_METHOD_USER_NEGOEX)]
       struct {
         [string, range(1,10001)] wchar_t* wszMyId;
         [string, range(1,10001)] wchar_t* wszPeerId;
       };
     [default] ;
   };
   unsigned long dwAuthInfoFlags;
 } FW_AUTH_INFO,
  *PFW_AUTH_INFO;

AuthMethod: This field contains the authentication method used to establish the identities of the endpoints and is stored in the security association. The field can take valid values from the FW_AUTH_METHOD enumeration.

MyCert: This field contains the subject name and certification flags (health, account mapping, exclude CA) from the certificate of the local host that was used in the authentication process when a certificate-based authentication method is used.

PeerCert: This field contains the subject name and certification flags (health, account mapping, exclude CA) from the certificate of the remote host that was used in the authentication process when a certificate-based authentication method is used.

wszMyId: A pointer to a Unicode string representing the identity of the local host when a Kerberos-based authentication method, as specified in [MS-KILE], is used.

wszPeerId: A pointer to a Unicode string representing the identity of the remote host when a Kerberos-based authentication method, as specified in [MS-KILE], is used.

dwAuthInfoFlags: Reserved value and not currently used. It MUST be set to 0.
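
The following is an added example, not part of the specification: a receiver-side check of the constraints stated above (AuthMethod range, arm selection by discriminant, identity string bounds, reserved flags). The enum numbering, `check_auth_info`, `id_ok`, `AI_RESULT` and `ID_MAX_CCH` are hypothetical; the example assumes that range(1,10001) counts characters including the terminator, that both range bounds are inclusive, and it rejects NULL identities as its own policy.

```c
#include <stddef.h>
#include <wchar.h>

/* Numbering is constructed for this example; take the real values from
   the FW_AUTH_METHOD enumeration in the specification. */
typedef enum {
    FW_AUTH_METHOD_INVALID = 0,
    FW_AUTH_METHOD_MACHINE_KERB, FW_AUTH_METHOD_MACHINE_CERT,
    FW_AUTH_METHOD_USER_KERB, FW_AUTH_METHOD_USER_CERT,
    FW_AUTH_METHOD_MACHINE_NEGOEX, FW_AUTH_METHOD_USER_NEGOEX,
    FW_AUTH_METHOD_MAX
} FW_AUTH_METHOD;

#define ID_MAX_CCH 10001u /* from range(1,10001); terminator included (assumption) */

typedef enum { AI_OK, AI_BAD_METHOD, AI_BAD_FLAGS, AI_BAD_ID } AI_RESULT;

/* 1 if s is non-NULL and its terminator lies within ID_MAX_CCH elements.
   The caller guarantees s is terminated or at least ID_MAX_CCH long. */
static int id_ok(const wchar_t *s) {
    if (s == NULL) return 0;
    for (size_t i = 0; i < ID_MAX_CCH; i++)
        if (s[i] == L'\0') return 1;
    return 0;
}

/* Hypothetical validator: my_id/peer_id are read only when the
   discriminant selects the Kerberos/NegoEx arm of the union. */
AI_RESULT check_auth_info(FW_AUTH_METHOD method, const wchar_t *my_id,
                          const wchar_t *peer_id, unsigned long flags) {
    if (method < FW_AUTH_METHOD_INVALID + 1 || method > FW_AUTH_METHOD_MAX)
        return AI_BAD_METHOD;
    if (flags != 0) return AI_BAD_FLAGS; /* dwAuthInfoFlags MUST be 0 */
    switch (method) {
    case FW_AUTH_METHOD_MACHINE_KERB: case FW_AUTH_METHOD_USER_KERB:
    case FW_AUTH_METHOD_MACHINE_NEGOEX: case FW_AUTH_METHOD_USER_NEGOEX:
        return (id_ok(my_id) && id_ok(peer_id)) ? AI_OK : AI_BAD_ID;
    default: /* certificate arm (FW_CERT_INFO, checked elsewhere) or empty arm */
        return AI_OK;
    }
}

int main(void) {
    /* Constructed sample: Kerberos-based method with both identities present. */
    return check_auth_info(FW_AUTH_METHOD_MACHINE_KERB, L"host/a.example",
                           L"host/b.example", 0) == AI_OK ? 0 : 1;
}
```

The certificate arm is accepted here without inspection because FW_CERT_INFO is defined in a different section; a full validator would check MyCert and PeerCert against that definition.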