How to authenticate a guest user even if the user cancels the login popup without providing login credentials
Article ID: 166293
Updated On:
Products
ProxySG Software - SGOS
Issue/Introduction
Even if a guest user authentication is implemented, if a user cancels the login popup without providing any login credentials, the proxy returns authentication_failed exception which denies the access.
Resolution
000008712 explains how to authenticate guest users. However, if a user cancels the login popup without providing any login credentials, the proxy returns authentication_failed exception which denies the access. Therefore, in addition to 000008712, we will need to modify the authentication_failed exception to provide a guest login URL and authenticate the user as a guest when they click the link.
Step 1. Modify exception page:
from the CLI:
#conf t
#(config)exceptions
#(config exceptions)edit authentication_failed
#(config exceptions authentication_failed)inline details eof
<a href=http://wwww.yourdomain.com/guestlogin/>Click here to login as guest.</a>
eof
#(config exceptions authentication_failed)inline help eof
<h4>Guest users have limited access to the internet.</h4>
eof
#(config exceptions authentication_failed)exit
NOTE: The static URL in the authentication_failed exception page is to authenticate the user as a guest when the user clicks the link. You will then provide guest user login information and guidelines in the web page.
Step 2. Add a Guest Authentication rule
In order to authenticate the user as a guest when they click the URL, add a rule in web authentication layer and set the destination (Request URL - the static URL referenced in the authentication_failed exception) and action (Guest Authentication - the same Guest Authentication object which was created in 000008712 at step 5).
NOTE: This Web authentication rule should be located before the rule created in 000008712 at step 4.
Feedback
Yes
No
Powered by
