1 of 1 people found this helpful
Short answer, yes. Use the Authentication server or Direct proxy auth with Kerberos.
Long answer: The two devices use two different types of authentication (EWS only does one, MWG does many many many)! This is why you are seeing differences.
For EWS it only does "Web based" authentication. Which means you will be redirected to an "Authentication server" of somekind (on the EWS), it will then authenticate you, and give you a cookie.
For MWG, it offers a number of different types of authentication, the main ones being Direct Proxy Authentication, Authentication Server, Cookie Authentication Server.
If you are using Direct Proxy Authentication with LDAP, then yes the credentials will be sent with every request, base64 encoded. If you use the authentication server, then you can authenticate with the authentication server once every X seconds (default is 600), and this communication can be whatever you like (HTTP/HTTPS).
But they are two fundamentally different types of authentication, and have different underlying processes for user authorization .
Hope this helps,
Excellent answer! Thanks Jon
Hasta la proxima
I understand the concept but can you help me to build the rule ? I try to do it but always appears the text saying that the information will be sent in clear text... so frustrating..
Thanks in advance
Here is a ruleset you can toy with.
You will need to add a new proxy port (10000) for that port, you need to add * for ports treated as SSL.
The ruleset is barebones, and you will need SSL scanner on in order for HTTPS to authenticate properly.
Let me know how this works and if it makes any sense.
Normally you would have to exempt the MWGs IP in the proxy settings, but I tried to make sure that wasnt needed.
2012-07-06_17-52_Barebones.xml 102.3 K
It s works!! you are a master! thanks a lot , thanks , thanks!
usted se merece un aumento de sueldo