search cancel

Authentication popup on smart phone while going through proxy

book

Article ID: 174986

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

Your smart phone - Windows, Android or Apple, are getting authentication popups from the ProxySG / ASG to authenticate.  This popup is a result of the browser not automatically forwarding credentials to the proxy after receiving an authentication prompt (either a 401 for transparent or 407 for explicit).  The issue can be caused by one of the following:

  1.  Your phone is not added to the domain / the account logged in to the phone is not a domain user.  Because of that the phone has nothing to forward to the proxy, authentication will never succeed and you will continue to get the authentication popup on each refresh of the Web Page.
  2. If the popup occurs within an App (not a browser), that App most likely does not have the ability to access stored credentials to forward them to the proxy; the App itself does not support authentication.

Resolution

In either of this cases you will need to bypass authentication.

  1. In this case you need to find some collective shared criteria between the phones (WiFi subnet for example) and add a rule on the proxy to bypass authentication for those devices
  2. In this case you need to find the User-Agent from the HTTP header via a Policy Trace used by the App receiving the prompt and bypass authentication based on that User-Agent.  If no User-Agent present consider redesigning the policy to explicitly authenticate known User-Agents (like Chrome, IE, Firefox, etc.) but leaving authentication disabled for unknown User-Agents.

Example:

Attachments