Chat now with support
Chat with Support

Defender 5.9.3 - Administration Guide

Getting started Managing Defender objects in Active Directory Configuring security tokens Securing VPN access Securing Web sites Securing Windows-based computers Defender Management Portal (Web interface) Securing PAM-enabled services Delegating Defender roles, tasks, and functions Automating administrative tasks Administrative templates Integration with Active Roles Integration with Cloud Access Manager Appendices
Appendix A: Enabling diagnostic logging Appendix B: Troubleshooting common authentication issues Appendix C: Troubleshooting DIGIPASS token issues Appendix D: Defender classes and attributes in Active Directory Appendix E: Defender Event Log messages Appendix F: Defender Client SDK Appendix G: Defender Web Service API

Application Programming Interfaces (APIs)

This section contains information about methods and properties provided by the following interfaces:

IAuthenticator, IAuthenticator2, and IAuthenticator3 interfaces


Table 47:




Authenticate method

Sends a RADIUS authentication request to the Defender Security Server and waits for a response.


Table 48:




challengeMessage property

The prompt or message to be displayed to the user in response to the previous request.

sessionID property

The RADIUS session ID attribute.

timeout property

The number of seconds which the client program should wait for a response from the server.

Authenticate method

Submits a RADIUS request to the Defender Security Server and waits for a response. Typically, the Authenticate method would be invoked in a loop, whereby the current value of challengeMessage is displayed to the user, and the response from the user is supplied as the authData parameter on the next call to the Authenticate method. This would continue until the user chooses to cancel, or until the return code is not 1. If any request takes more than timeout seconds to complete, the method returns code -106.

C++ syntax
public : HRESULT Authenticate(BSTR userID, BSTR authData, LONG timeout, BSTR ipAddress, LONG port, BSTR sharedSecret, LONG* returnCode );

C# syntax
int Authenticate(string userID, string authData, int timeout, string ipAddress, int port, string sharedSecret);


  • userID  The username of the user to be authenticated. Maximum length is 255 characters.
  • authData  The information which authenticates this user, such as a password or token response, typically entered by the user. You should set the value of this parameter in response to the current value of challengeMessage. Maximum length is 64 characters.
  • timeout  The number of seconds before the request should be abandoned.
  • ipAddress  The IP address of the Defender Security Server in “dotted decimal” format.
  • port  The port number which the Defender Security Server is listening on for this client (Access Node).
  • sharedSecret  This value is used to encrypt communications between the client program and the Defender Security Server. The value supplied here must match that defined in the Defender Access Node object for this client. See the Defender Installation and Administration Guide for further information on configuring Defender. Maximum length is 64 characters.

Return value

  • 0  Authentication successful.
  • 1  More information required to complete authentication.
  • 2  Access denied.
  • -102  Unable to establish communications environment.
  • -103  API not supported on this platform.
  • -105  Unable to establish session with Defender Security Server.
  • -106  Unable to send request to Defender Security Server.
  • -107  Defender Security Server did not respond.

challengeMessage property

Displays the value of the challenge message to the user after each invocation of the Authenticate method.

C++ syntax
public : HRESULT get_challengeMessage(BSTR * bstrDefenderMessage);

C# syntax
public string challengeMessage { get; }

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating