cancel
Showing results for 
Search instead for 
Did you mean: 
paladin385
Level 7

Authorized Override

I am using authorized override rule with URLconfiguration and with LDAP authentication. I want that my users enter credentials on block page for authorized override and that i get this user name for later use.

The thing that i want to do is to allow authorized override just to specific usernames(from local username list), without previous authentication.

Example: block page appears to user, user enters credentials, and if entered username is not on list in webgateway he can not proceed. How can i do that?

I have used Default authorized override rule from library, and added criteria (if user name is in list) but this does not work for me.

Used rule:

ScreenShot137.jpg

0 Kudos
4 Replies
nate.hall
Level 9

Re: Authorized Override

I'm simply taking a guess here but it doesn't look like your authentication is turned on. I see both your NTLM and LDAP authentication are disabled. If it can't authenticate, it will not be able to know who is in the list of allowed users for override.

0 Kudos
paladin385
Level 7

Re: Authorized Override

I am not using authentication before this rule. I  have a form for authentication on block page for authorized override.

ScreenShot130.jpg

I just want to add some users  from my LDAP to have an option for authorized override, but the block page is the same for all users.

0 Kudos
McAfee Employee

Re: Authorized Override

For this to work, MWG needs to think that the user who is attempting to override, is "not authenticated" otherwise they will be allowed to override.

To have this work as you so desire, create a rule above "Redirect after authenticating for AuthOverride", use the following for the rule info:

-Name: Allow only authorized users

-Criteria: Authentication.Username is not in list [Authorized users for override]

-Action: Continue

-Event: Authentication.IsAuthenticated = false

Afterwards, remove the additional username based criteria you have added to "Redirect after authenticating for AuthOverride".

Let me know if this helps,

Jon

0 Kudos
paladin385
Level 7

Re: Authorized Override

Hi John,

your answer was helpful but did not solve my problem. This only works if users are previously authenticated. But i solved the problem, thanks to your help.

I made some changes, but your answer was the basis for solving this problem.

Thank You.

ScreenShot140.jpg

0 Kudos