Add Usernames to X-Authenticated-User HTTP Header using the ProxySG/ASG

book

Article ID: 168952

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

There may be a requirement to have the authenticated user information displayed in the HTTP header (for example if the upstream device needs to know user details for accounting purposes).
 

Resolution

There is no pre-defined function for this on the ProxySG/ASG, however you can enable this header using CPL code or through VPM.

Add the following CPL code to the local policy file to enable this header:

define action AddXAuthHeader
set(request.x_header.X-Authenticated-User, "$(user)")
end action AddXAuthHeader

<Proxy>
authenticated=yes action.AddXAuthHeader(yes)


For more information on how to add CPL code to the local policy file please see this KB article: How do I add CPL to a local policy file on the ProxySG?

Follow the steps below to add usernames to the X-Authenticated-User HTTP header using VPM:

  1. Login to Web Management Console of the ProxySG/ASG
  2. Navigate to Configuration -> Policy -> Visual Policy Manager and click on the "Launch" button to launch the VPM.
  3. Add a new Web Access Layer In Visual Policy Manager window by navigating to Policy -> Add Web Access Layer...
  4. Add a New rule.
  5. Right click and select Set under Action to open the Set Action Object Window
  6. Click on the "New" button and select Combined Action Object
  7. Add Allow to Selected Action Objects list
  8. Click on the "New" button and select Control Request Header
  9. Set Show: Custom
  10. Enter Header name: x-authenticated-user
  11. Enter Set Value: $(user)
  12. Add the newly created ControlRequestHeader to the Selected Action Objects list
  13. Click "OK" button.
  14. Click "OK" button. 
  15. Now, click "Install policy" to install the policy.