Why am I unable to logout from the ProxySG Web-Console?

Article ID: 167464

Products

ProxySG Software - SGOS

Issue/Introduction

Incorrectly configured <Admin> layers can cause login-related issues and security risks such as the following:

  1. Unable to log out of the ProxySG Web-Console. Clicking the logout button just refreshes the page, and the administrator remains logged in.
  2. No password prompt when accessing the Web-Console. Anyone who tries to log in to the proxy’s Web-Console is given access without authentication.


These issues occur when the <Admin> layer(s) are not set up correctly. One possible scenario is an “Admin Access Layer” that is present without a corresponding “Admin Auth Layer”; in that case, a rule in the “Admin Access Layer” such as the following results in unrestricted access:

<Admin>
    ALLOW admin.access=(READ, WRITE)


The above rule gives anyone “Read-Write” access to the ProxySG without any authentication, because there is no “Admin Auth Layer”.

Important: Admin Access Layers should be carefully designed. Rules like the one above can grant full admin rights to the wrong users.
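A way to check an exported policy for the condition described above, as an added example that is not part of the original article or the product: it flags `ALLOW admin.access=` rules in `<Admin>` layers when no `<Admin>` layer authenticates, and also flags grants that are not narrowed to a user or group. It assumes the “Admin Auth Layer” appears in CPL as an `<Admin>` layer carrying an `authenticate(...)` action; the realm name `local_realm`, the group `proxy_admins` and the finding labels are constructed for illustration.

```python
import re

LAYER_RE = re.compile(r'^<\s*(\w+)[^>]*>')

def parse_layers(cpl):
    """Split CPL text into (layer_type, [rule lines]) entries."""
    layers = []
    for raw in cpl.splitlines():
        line = raw.split(';', 1)[0].strip()  # ';' starts a CPL comment
        if not line:
            continue
        m = LAYER_RE.match(line)
        if m:
            # Text after the layer header on the same line is ignored here.
            layers.append((m.group(1).lower(), []))
        elif layers:
            layers[-1][1].append(line)
    return layers

def audit_admin_layers(cpl):
    """Return (finding, rule) pairs for risky admin.access grants."""
    rules = [r for kind, rs in parse_layers(cpl) if kind == 'admin' for r in rs]
    # Assumption: an Admin Auth Layer shows up as an authenticate(...) action.
    has_auth = any(re.search(r'\bauthenticate\s*\(', r, re.I) for r in rules)
    findings = []
    for r in rules:
        grants = (re.search(r'\ballow\b', r, re.I)
                  and re.search(r'\badmin\.access\s*=', r, re.I))
        if not grants:
            continue
        if not has_auth:
            findings.append(('no-admin-auth-layer', r))
        elif not re.search(r'\b(user|group)\s*=', r, re.I):
            findings.append(('any-authenticated-user', r))
    return findings

# Constructed sample policies; PAGE_RULE is the rule shown in the article.
PAGE_RULE = '<Admin>\n    ALLOW admin.access=(READ, WRITE)\n'
AUTH = '<Admin "Admin Auth Layer">\n    authenticate(local_realm)\n'
BROAD = AUTH + '<Admin "Admin Access Layer">\n    ALLOW admin.access=(READ, WRITE)\n'
SCOPED = (AUTH + '<Admin "Admin Access Layer">\n'
          '    ALLOW group="proxy_admins" admin.access=(READ, WRITE)\n')

if __name__ == '__main__':
    for name, text in [('page rule', PAGE_RULE), ('broad', BROAD), ('scoped', SCOPED)]:
        print(name, audit_admin_layers(text))
```

The parser is line-based and does not handle semicolons inside quoted strings or condition/definition blocks, so treat a clean result as a first pass rather than proof that the policy is safe.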