1 Reply Latest reply on Nov 19, 2013 11:54 AM by sliedl

    Connection redirection

    corecycle

      Hi Guys,

       

      I have a rule to connect to server via port 80 from External IP and redirect to LAN IP with Passport Authentication

      User reported that they were able to connect even without passport authentication which is not the correct behavior.

       

      I presume the password still stored on their browser so when they open their browser then no need to authenticate.

      How to check the previous logs filtering by date to investigate that they really able to login with passing passport authentication. Thanks

        • 1. Re: Connection redirection
          sliedl

          The HTTP proxy caches successful authentications for an amount of time also.  In the /secureos/etc/proxy/httpp.conf file there is this section:

           

          # Authenticate ttl (time to live) in seconds.

          # The time a checked username/password combination remains cached

          # (default 3600). If a wrong password is given for a cached user,

          # the user gets removed from the username/password cache forcing

          # a revalidation.

          authenticate_ttl[3600]

           

          The default is for the HTTP proxy to cache successful authentications for one hour.  If you change this file you must restart httpp to re-read the file:  cf daemond restart agent=httpp