Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Block BasicSSO Login Mask after failed login to the backend server

deborah_
Not applicable
‎11-11-2009 08:58:AM
‎11-11-2009 08:58:AM

Block BasicSSO Login Mask after failed login to the backend server

Hi,

Perhaps someone has a good idea how to solve this:

The user logs in to the SSL VPN.

We ge his password at login time. We have enabled SSO to a backend webserver that is protected by a basic authentication. So the SSL VPN posts the password to the backend webserver and we have SSO and can seamless access the backend content. (the SSP VPN and the Apache use different authentication stores)

Ok, till here it's all standard, because the users have the same passwords in both systems.

But the backend webserver is connected to another authentication source than the SSL VPN.

So it can happen that the password of the user is expired in the backend apache system, but he can still log in  to the SSL VPN.

In this case the user is challenged by the SSL VPN with a HTML page (the rendering of the backend basic auth page).  Here the user tries  to login again and clearly it's not working.

Is there a way to disable this intermediate login page that pop ups after the SSL VPN login? So the user will get only an error and not a login page of the backend webserver?

Just in case my description was not clear enough: 

If I had an Apache Reverse Proxy instead of the SSL VPN ;-)  I could solve it with the following directive in the httpd.conf:

Header unset WWW-Authenticate

Is there something similar in the SSL VPN Appliance?




Regards

Deborah

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.