8 Replies Latest reply on Feb 25, 2015 5:30 PM by malware-alerts

    Some user-agent do not respond to HTTP 407 (authentication required) from MWG

    malware-alerts

      We are in the process of migrating our environment from an old ISA 2006 proxy to MWG.

       

      I've been running in strange authentication difficulties with some applications.

       

      One specific one I'm currently having issues with is a Nexus Maven Repository Manager sitting on a Windows server (User-Agent: "Nexus/2.3.1-01 (OSS; Windows Server 2008 R2; 6.1; amd64; 1.7.0) apacheHttpClient4x/2.3.1-01"

       

      When the application goes through our ISA proxy, it gets the typical response "HTTP407" twice and then sends it's credentials and is properly authenticated.

       

      When pointing to MWG, I can see MWG sends 2x "HTTP407" responses but never actually receives the credentials from the application (therefore doesn't have access).

       

      What I basically did as a workaround is to bypass authentication for the given user-agent but I'm kinda baffled as to why it's working just fine with ISA and not with MWG.

       

      I've also had this exact same behavior with another application that doesn't have a 'user-agent' field in its request headers, works just fine with ISA authentication but simply won't send the credentials with MWG.

       

      Has anybody else run into a similar issue?