Authentication basic realm

Configuration Variable Data Type Description
proxy.config.proxy.authenticate. basic.realm STRING

Default: NULL

Specifies the authentication realm name. If the default of NULL is specified, Content Gateway is used.

proxy.config.auth_type INT

Default: 0

Specifies the type of client authentication.

  • 0 = None
  • 1 = LDAP
  • 2 = RADIUS
  • 3 = Legacy NTLM
  • 4 = Integrated Window Authentication
  • 5 = Rule-Based Authentication
proxy.config.multiauth.enabled INT

Default: 0

Enables (1) or disables (0) rule-based authentication. Tells Content Gateway to use the auth_rules.config file.

proxy.config.multiauth.domain. max INT

Default: 50

Specifies the maximum number of domains that can be added or joined on Configure > Security > Access Control > Domains

proxy.config.auth.form_ filename STRING

Default: auth_form.html

Specifies the file that defines the Captive Portal authentication page.

This variable must be added manually. Changing this filename is not recommended.

proxy.config.internal.file.path STRING

Default: /opt/WCG/config/ui_files

Specifies the location of any css and image files used to define the Captive Portal authentication page. The full default path is /opt/WCG/config/ui_files. Image files are located in an /images sub- directory.

This variable must be added manually.

proxy.config.ssl.auth_server_ port INT

Default: 4443

Specifies the local port used for the HTTPS Captive Portal page.

proxy.config.ssl.use_custom_ cert_for_captve_portal INT

Default: 0

Enables (1) or disables (0) the use of a custom certificate with Captive Portal.

proxy.config.auth.sharecookie INT

Default:0

Enables (1) or disables (0) authentication cookie sharing. This is automatically enabled when cookie cashing is enabled.

proxy.config.auth.reauth_for_ null_user INT

Default: 0

Enabled (1) or disables (0) re- authentication with a NULL user is used with a valid password.

This variable must be added manually and is only valid for LDAP authentication..

proxy.config.auth_user_ip_sess_ timeout INT

Default: 60

Specifies the number of seconds a device IP address and a user are associated.

Content Gateway will associate an IPv4 address with the same user name for this length of time.

This variable works with proxy.config. auth_user_ip_max_num and must be manually added.

proxy.config.auth_user_ip_ max_num INT

Default: 1

Specifies the number of devices from which a single user can access the Internet for the number of seconds configured by proxy.config.auth_

user_ip_sess_timeout.

This variable must be manually added.

proxy.config.auth.ssl_auth_url INT

Default: 1

Disables (0) or enables (1) authentication of HTTPS requests over HTTPS, using port 8443. When disabled, authentication for HTTPS requests is done over HTTP, using port 8080.

proxy.config.auth.sync_auth_ config INT

Default: 0

Disables (0) or enables (1) the control of the syncing of auth_rules.config files across the cluster.

Note that, to avoid invalid rules, the domain identifier needs to be the same across the cluster.