[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Update Re: [FW1] HTTP user authentication with Ace server & SecureIDtokens.

To: BHusler@pacbell.net
Subject: Update Re: [FW1] HTTP user authentication with Ace server & SecureIDtokens.
From: Elias Aghnatios <Elias.Aghnatios@fujitsu.com.au>
Date: Thu, 22 Apr 1999 11:16:29 +1100
Cc: FireWall Mailing List <fw-1-mailinglist@lists.us.checkpoint.com>


I tried using FW-1 password instead of Ace and Secure ID tokens. Still have the same
problem.

Thanks  a lot

William Joseph Husler wrote:

> I have seen symptoms similar to this with Client authentication and
> HTTP security Server. I believe the root cause is that the initial
> firewall authentication was triggered by an attempt to access a page
> within the same domain as the restricted page. I believe that the
> Browser insists on sending the same cached authentication
> information to both and the firewall and secured site fight over it.
> To test this theory, you might try using telnet to port 259 to
> authenticate prior to starting up Netscape so the authentication is
> not in Netscape's cache.
> Bill
>
> Elias Aghnatios wrote:
> >
> > Hello all,
> >
> > I hope I am describing my problem properly. Sorry for the long
> > description.
> >
> > Version: FireWall 3.0b
> > Platform : Solaris 2.5.1
> >
> > Situation : I have remote clients coming in using SeureID tokens and
> > Radius Authentication. Telnet is working properly. HTTP has got this
> > particular problem: the users can browse the specified http server
> > without any problems, they get authenticated by the Ace server using the
> > SeureID tokens. However, if they try to access a restricted area on the
> > http server requiring a login name and a password, they fail. The users
> > have already been assigned appropriate credentials to access those
> > areas. When accessing those areas they don't supply the Token password,
> > they supply the user names for the web site.
> > The error message logged is : reason Unknown user resource
> > http://aaa.bbb.ccc.ddd:80/xxxxxxx/xxxxx
> >
> > I have also setup a URI Resource to match the web server and specified
> > wild card: * in all fields and clicked all fields int the Match tab of
> > the resource properties.
> >
> > Any ideas.
> >
> > Thanks a lot in advance for your help.
> >
> > ================================================================================
> >      To unsubscribe from this mailing list, please see the instructions at
> >                http://www.checkpoint.com/services/mailing.html
> > ================================================================================



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] Dropping RealPlayer
Next by Date: [FW1] SecuRemote and Outlook Client
Prev by thread: [FW1] Secure ID Session Auth with PPTP
Next by thread: Re: Update Re: [FW1] HTTP user authentication with Ace server & SecureIDtokens.
Index(es):
- Date
- Thread