• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

HTTPS site require authentication

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Cache] >> General >> HTTPS site require authentication Page: [1]
Login
Message << Older Topic   Newer Topic >>
HTTPS site require authentication - 6.Oct.2004 2:04:00 AM   
infoletters

 

Posts: 3
Joined: 21.Jun.2004
Status: offline
Hi all,

Our ISA server in Cache Mode is configured as a single member of an array. It is configured as a downstream to our ISP's content filtering service.

Authentication is Windows Integratedm using DNS for WPAD discovery.

Our business require all outgoing access to be authenticated. However, we are to maintain a handful of public websites where authentication is not require (to faciliate business partners who visit us but require to access their product pages). For the rest of this discussion i will use the term 'useful website' to describe these sites.

To faciliate the require, we created a protocol rule to allow HTTP/HTTPS access to allow any.

We then create 2 Sites and Contents Rules. Rule one allow access to all destination only if the users belong to certain security group.

Rule Two allow any to access to certain destination sets. This destination set is configured to contain the useful website entries.

The above config works ok when unauthenticated users access the useful websites via HTTP (eg http://abc.com). However if the useful website is to be accesses via HTTPS (eg https://abc.com), the unautheicated user is challenged for authenticated.

Any feedback or comments are most appreciated.

Cheers!
Dylan
Post #: 1
RE: HTTPS site require authentication - 6.Oct.2004 11:17:00 AM   
infoletters

 

Posts: 3
Joined: 21.Jun.2004
Status: offline
Hi all,

As a follow-up, we realised that the destination set we created to allow for anonymous access has a /* in the PATH

eg:
DomainName: *.nasdaq.com
Path: /*

Any comment is /* will cause HTTPS to force authentication to the anonymous users?

Cheers!
Dylan

(in reply to infoletters)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Cache] >> General >> HTTPS site require authentication Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts