3 Replies Latest reply on Jul 9, 2012 7:05 AM by freddykr

    Checking for user attributes without authentication

    freddykr

      In front of our web gateway (v7.2.0.1) we have a squid proxy with digest authentication.

      The squid sends the authentication data to the web gateway also ("Proxy-Authorization: Digest username="user1" ,realm="realm1", nonce="xxxxxx"......").

      The next step should be, that the web gateway checks the LDAP-Directory for specific attributes to operate with different policies for different user groups.

       

      Because of, web gateway is not able to made digest auth to the LDAP itself, it should get the user attributes with the transmitted username from squid only (no authentication, just getting the attributes and work with them).

      How can I implement such a policy without authentication (the user should not get a second popup from the web gateway)?

       

      With Basic-Auth at the squid it works with authentication at the web gateway. But, I have to use Digest-Auth at the proxy.