How can I forward user credentials to a server behind the ProxySG appliance?

<< Back to Knowledge Search



The following procedure describes how to configure the ProxySG appliance to store user credentials and send them upstream upon request. This allows users to enter their credentials once rather than having to continually re-enter them in order to access a server behind the ProxySG appliance. This type of configuration would be useful in a reverse proxy deployment to prevent users from having to re-authenticate multiple times.

Note: The following procedure will only work with servers that request BASIC authentication. As an alternative you could configure the ProxySG to use constrained Kerberos delegation (also known as IWA on Microsoft IIS). For more details please refer to KB3919.

  1. Open VPM.
  2. Optional: Create a new Web Authentication Layer.
  3. Add a new rule to the Web Authentication Layer, ensuring that the placement of this rule is correct.
  4. Adjust the source and destination accordingly. 
  5. As an action, right-click and select "set."
  6. Select "Send Credentials Upstream."
  7. Adjust the options accordingly.

For more details, refer to the SGOS Administration Guide, "Chapter 44:   Controlling Access to the Internet and Intranet."

Additional Information
Bug Number
InQuira Doc IdFAQ952

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      ProxySG
Topic      Authentication
Article Number      000009912
Was this helpful?
Previous MonthNext Month