3 Replies Latest reply on Nov 13, 2013 11:26 AM by eelsasser

    LDAP authentication with fallback to user database authentication

    bornheim

      Hello,

       

      I try to achieve something that seemed to be easy in MWG6: LDAP authentication against an Active Directory and if that fails: authentication against the user database:

      Hardcopy1.jpg

      For LDAP authentication I defined the proxy realm to be "McAfee Web Gateway (LDAP)", for user database authentication I defined proxy realm to be "McAfee Web Gateway (User-DB)".

       

      What I see now is this:

       

      1.) On the first request, Firefox asks for user name and password, the realm is moz-proxy://160.1.3.2:8080". This is IP and port of a Squid proxy between the browser and MWG. Sort of OK

       

      1a.) If I provide correct LDAP credentials, Firefox just repeats the question. Not OK.

       

      1b.) If I provide correct user database credentials, I get logged in. OK.

       

      2.) If I click "Cancel" immediately on the first authentication request, Firefox again aks for user name and password, the realm is "McAfee Web Gateway (LDAP)".

       

      2a.) If I provide correct LDAP credentials, I get authenticated succesfully. Sort of OK. Why not in the first place?

       

      2b.) If I provide correct user database credentials, I get authenticated succesfully. Sort of OK.

       

      2c.) If I click on "Cancel" instead, Firefox shows me the "The proxy server is refusing connections" page. OK.

       

      3.) If I provide INCORRECT credentials on the first authentication request, then click "Cancel", Firefox again aks for user name and password, the realm is "McAfee Web Gateway (User-DB)". Interesting.

       

      3a.) If I provide correct credentials now (LDAP or user database), I get authenticated successfully. Sort of OK. Why not in the first place?

       

      Could someone please provide some insight?

       

      Thanks,

      Robert