Solutions

After upgrading to 5.3.2.1, web sites that require authentication no longer work

Solutions ID:    KB1008
Version:    3.0
Status:    Published
Published date:    03/02/2009
Updated:    07/07/2009
 

Problem Description

After upgrading to 5.3.2.1, web sites that require authentication no longer work

Resolution

Symptoms :

Two things need to happen for this issue to occur :

1. The OCS (web server) needs to require authentication
2. The request matches a rule on the ProxySG that bypasses authentication, either in the visual policy manager, or the local policy file


Problem :

The behavior of the standard "Do not authenticate" action was changed, it will not pass credentials over to the OCS like it used to. That causes the proxy to forward the request without the username/password entered by the user.


Solution :

The fix for this is to change the action on the policy rule(s).

For VPM rules, open the visual policy manager and go through the different layers and look for rules with an action called "Do not authenticate". Right-click on the action object, click "Set...", and choose "Do not authenticate (Forward Credentials)

If you use a local or central policy file, edit those files and replace the standard action "authenticate(no)" with the new one which is "authenticate(no, upstream_authentication)".


With the modifications in place, the proxy will forward the credentials over to the OCS and the authentication problem should be resolved.

Please refer to the Configuration and Management Guide if you need assistance modifying your VPM or local policy.


Rate this Page

Please take a moment to complete this form to help us better serve you.

Did this document help answer your question?
 
 
If you are finished providing feedback, please click the RATE CONTENT button. Otherwise, please add more detail in the following text box and then click RATE CONTENT.
 
 

Your response will be used to improve our document content.

Ask a Question