Share via


Overview of client authentication

Microsoft Forefront Threat Management Gateway can allow access to resources based on user authentication. User authentication is used in a range of scenarios, summarized in the following table:

Authentication method Outbound Web proxy requests Incoming requests for published servers Authentication Server

HTTP authentication: Basic

Yes

Yes

Active Directory or RADIUS

LDAP (incoming requests only)

HTTP authentication: Basic

Yes

Yes

Active Directory, LDAP, or RADIUS

HTTP authentication: Digest/WDigest

Yes

Yes

Active Directory

HTTP authentication: Integrated (NTLM)

Yes

Yes

Active Directory

Client certificate

No (requests to upstream proxy server only)

Yes

Active Directory

Forms-based authentication

No

Yes

Active Directory, LDAP, RADIUS, RADIUS OTP, RSA SecurID

This section describes how Forefront TMG manages authentication. It provides information about authentication and delegation methods supported by Forefront TMG and how the authentication process is handled.