cancel
Showing results for 
Search instead for 
Did you mean: 

Azure application HTTP 407 authenticationrequired

I am trying to configure an vendor external application to work through Azure Active Directory. The application I am trying to federate resides on the vendor’s network over the internet, so I don’t have much access to it.

Ran the application link in Firefox and used the “Live http Headers” add-on to capture the header information as it was being processed. When I click on the link in the office portal attempt to go to the application I get a 407 error.

I can see that the link is being passed in the header:

https://0007002.hosted.com/samlsp_ hosted

GET / samlsp_ hosted HTTP/1.1

Host: 0007002.hosted.com

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Language: en-US,en;q=0.5

Accept-Encoding: gzip, deflate, br

Shows that Azure is the referrer

Referer: https://account.activedirectory.windowsazure.com/applications/redirecttofederatedapplication.aspx?Op...

Connection: keep-alive

Upgrade-Insecure-Requests: 1

Authorization and failing to go through proxy

Proxy-Authorization: NTLM TlRMTVAACAAAAAAAAAAAAAAAFomgJL4zFmBxcAAAAAAAAAAAAAAAAAA

HTTP/1.1 407 authenticationrequired

Via: (McAfee Web Gateway)

I am already signed in onto my active directory account in Azure and launching the application from the “Apps” page. Is there a rule I need to configure through the gateway?

1 Reply
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 2

Re: Azure application HTTP 407 authenticationrequired

Hi!

A 407 does not necessarily indicate an error. It just means that authentication was requested. In your case, the Web Gateway is using NTLM authentication.

The output you sent above is the first step of a 3 step process. The output doesnt show if authentication completed or failed.

There is likely more requests that you did not send that would help us understand if authentication succeeded or failed.

In general, I dont expect that 407 (proxy authentication) would interfere with the process.

Best Regards,

Jon