Re: Integrated authentication and IE proxy settings



Thank you for the response. Just now got some time to test this again with
different security options.
1. IE Options/Connections/LAN Settings/Proxy Server points to a specific IP
address and port.
2. IE Options/Advanced/Enable Integrated Windows Authentication is checked.
3. ISA requires windows authentication.

Even if I access the internal site http://intranert , IE prompts me for
credentials.
I reset IE Security level to default for all zones - still prompts.
I set IE Security User Authentication/Logon option to "Automatic logon with
current username and password" for ALL zones - still prompts.

Again, everything works fine if I have IE proxy detection set to Auto.
What else am I missing?

Thanks,
Leonid


"Dan Bar-Lev [MSFT]" <danblev@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:erNONk6VGHA.5100@xxxxxxxxxxxxxxxxxxxxxxx
Hi,

This behavior is governed by the security settings of IE.

IE by default will not provide integrated authentication to sites that are
not local. For this IE assumes that if the name includes a dot ('.') then
it is external and won't do integrated authentication.

On the other hand, once the automatic detection is configured then the
script tells IE which sites are internal.

You can control these settings in IE/Options/Security and also in the
Advanced settings.



---------------------

This posting is provided "AS IS" with no warranties, and confers no
rights.

---------------------


"Leonid Bogdanov" <leonidbogdanov n o s p a m@xxxxxxxxxxxxxxxxxx> wrote in
message news:O5e1033VGHA.1868@xxxxxxxxxxxxxxxxxxxxxxx
Hello,

I'm investigating how to connect our application to the external website
from the network with ISA configured as proxy with the authentication
mode= Integrated and "Require all user to authenticate" checked. I
tested my configuration from the Internet Explorer.

1. If "Automatically detect setting" option is checked on the internet
options dialog in IE, then the browser connects to external sites
without any problem. In the ISA log I can see that my requests went
through and were authenticated under my domain user name.

2. If I uncheck "Automatically detect setting" and check "Use a proxy
server .." option, and provide the server name in the text box, then
whenever I try to access the internet, IE prompts me for my user
name/password. ISA log shows attempts to anonymously access external
website.

My question is: why is the behavior so different for these two options
in IE? Why is it asking me for credentials if I explicitly set the
proxy server?

Thank you,
Leonid.






