[j-nsp] Netscreen Authentication

[M.Mihailidis]

I have configured the time out to 1 and tried the clear auth but the
behavior is still the same the other thing I tried was to clear all private
data from firefox and only then I had the users reauthenticating when they
went to home page but still there was some strange behavior (Google search
was possible but opening the the links forced authentication). The thing I
want to do is not to manually force the users to re authenticate but to be
done through the timeout like Webauth.




-----Original Message-----
From: Stefan Fouant [mailto:sfouant at gmail.com] 
Sent: Tuesday, May 06, 2008 4:34 PM
To: M.Mihailidis
Cc: Juniper-Nsp; Juniper Netscreen
Subject: Re: [j-nsp] Netscreen Authentication

There is indeed a timeout setting for auth users, but it sounds to me
that it hasn't expired, hence what appears to be users "bypassing"
authentication is actually the normal behavior.  Authentication is
applied when a session is first created.  The user will no longer need
to authenticate so long as that session is still active OR the auth
timeout has not expired.

You could always issue the "clear auth" and "clear session" commands
at CLI to force the user to reauthenticate.

Also, you may want to adjust your auth-server timeout for local users:

set auth-server Local timeout 30

Cheers,

Stefan Fouant

On Tue, May 6, 2008 at 4:33 AM, M.Mihailidis <mixalism at gmail.com> wrote:
> Hello im trying to configure authentication for users. Im using auth user
as
> a method but I have a question
>
> Isn't there a timeout for a user like webauth to relogin to have access
> again? There is a timeout in the auth server (local)but even when the
> username /password is shown and im not giving the right usr/pass the user
> still has access.
>
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>