Allow users to access to a specific URL when an authentication error occurs
search cancel

Allow users to access to a specific URL when an authentication error occurs

book

Article ID: 166279

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

This solution should be used when it is required to override an authentication error for a particular URL and allow the user to access the content.

Resolution

  • On the ProxySG Management Console, launch the text editor in Policy > Policy Files > Policy Files > Local Policy > Text Editor > Install
  • Append the following Content Policy Language (CPL)  rules: 

<Proxy>
url.domain=www.example.com authenticate(realm_name) authenticate.force(no) authenticate.mode(auto) authenticate(realm_name) authenticate.tolerate_error[credentials_required, certificate_missing, guest_user, need_credentials, no_user_in_cert](yes) authenticate.force(no) authenticate.mode(auto) 

<Proxy>
user.authentication_error=credentials_required authenticate.guest("GuestUser", 0, "realm_name")

Notes:

  • Make sure to replace "realm_name" with the name of the authentication realm that you are using.
  • By using this code, all guests clients will be logged in as a user called "GuestUser". If you wish to identify the user that's performing the request, you can change this name to the following: "Guest_$(client.address)". By doing this, the proxy will log each guest with its associated IP address. This can be useful for reporting and troubleshooting problems.
     
  • Install the policy and apply the changes to the ProxySG appliance.

 

Powered by Wolken Software