cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
1769
Views
0
Helpful
1
Replies
jilahbg
Beginner

"WWW_AUTH_REQUIRED"

Hello

I am doing a new implementation of WSA and have problem allowing access for guest users. The WSA authenticates domain users towards AD and as long as the user ahtenticates I can build policies depending on group membership. But I want also unauthenticated users some internet access. This is the policies I´ve built, just for testing

Order 1: Domain admins, member of group Domain Admins. identity: AD. Block one url category just for testing.

Order 2: authenticated users. Identity: AD. Somewhat tweaked policies for testing.

Order 3: "Faild authentications". identity: All. Guest Privileges for users failing authentication. Block most categories.

Global Policy.

When I fire up a browser in a non-domain-member-PC I get a login-prompt for username/password. (Can I get rid of that for guests?) and if I Escape out of that authentication I get an "WWW_AUTH_REQUIRED" error message from WSA.

What am I doing wrong here?

/Jimmy

1 REPLY 1
jowolfer
Beginner

The problem is most likely that the browser doesn't trust the WSA in order to send credentials transparently.

This is most commonly due to one of the following conditions:

  • The transparent redirect hostname is a FQDN instead of a single word hostname. This is configured at: GUI -> Network -> Authentication
  • You're using FF and you haven't changed the about:config -> network.automatic-ntlm-auth.trusted-uris to include the transparent redirect hostname

The browser has to trust the WSA in order to send the local machines credentials and then fail to guest policies.

Cheers,

Josh