How to pass username password within a webserver URL in a webvpn session
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-15-2011 12:52 AM
Hi
I'm trying to access a web server over WebVPN on an ASA with release 8.2(4). The webserver requires a username and password by doing HTTP basic authentication. Usually I would pass it within the URL with http://myname:mypassword@webserver.test.com:8000/mypassword@webserver.test.com:8000/
Unfortunately such links don't work and the ASA don't even log the access in the logs. So there's no "WEBVPN user myname granted access to URL: " message.
As an advanced challenge of course I would like to provide the credentials automatically from the logged in user using the CSCO_WEBVPN variables. But putting CSCO_WEBVPN_USERNAME and CSCO_WEBVPN_PASSWORD in the URL results, as seen doing the debugs, in a Rot13 URL with
http://myname:CSCO_WEBVPN_PASSWORD@webserver.test.com:8000/CSCO_WEBVPN_PASSWORD@webserver.test.com:8000/
So the password doesn't get resolved and replaced with the real one.
Do I hit some bugs? Didn't the programmers mind that a ":" character is not only used for defining the port of the webserver after the server IP/name but also for separating username and password?
Kind regards
Roberto
- Labels:
-
VPN
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-17-2011 12:28 PM
Hi Roberto,
Could you try to configure the following and see if it helps:
group-policy
attributes webvpn
auto-signon allow uri http://webserver.test.com:8000 auth-type basic username myname password CSCO_WEBVPN_PASSWORD
Once it is done, just try to access http://webserver.test.com:8000 and it should automatically log you in.
Regards,
Nicolas
