Re: ISA 2004 HTTP Filter
- From: "GALBARZ" <GalBarz@xxxxxxxxx>
- Date: 9 Feb 2006 12:25:19 -0800
NTFS security will not help in this case,
because the site is used both by the internal domain and the isa
domain,
permission are being handled by a third party appliaction, based on
windows authentication, I dont want the external users to be able to
even try to authenticate with internal users acounts user\password.(Top
level paranoid)
I have captured http packets with network monitor and found the packed
that i need to filter out.
The problem is that I need to filter only the part with the domain name
(I cannot create a separate filter fo every internal username........)
Im looking for a way to use somthing like %string% or *string* .
Thanks again for your help!
ZVR wrote:
users have to authenticate again with basic authentication to the
internal site.
I want to allow authentication only with a user from a specific domain,
and to "filter out" all attempts to use basic authentication with other
domains.
The easiest way to achieve this if you're using IIS would be to leave ISA
alone and configure NTFS security on your website to allow access only with
the user account(s) you want. Is this not an option?
Virgil
.
- Follow-Ups:
- Re: ISA 2004 HTTP Filter
- From: ZVR
- Re: ISA 2004 HTTP Filter
- References:
- ISA 2004 HTTP Filter
- From: GALBARZ
- Re: ISA 2004 HTTP Filter
- From: ZVR
- Re: ISA 2004 HTTP Filter
- From: GALBARZ
- Re: ISA 2004 HTTP Filter
- From: ZVR
- ISA 2004 HTTP Filter
- Prev by Date: Re: ISA Sp2 problems
- Next by Date: Client Authentication using certificate - Can this only work with the entreprise CA?
- Previous by thread: Re: ISA 2004 HTTP Filter
- Next by thread: Re: ISA 2004 HTTP Filter
- Index(es):
Relevant Pages
|
