[j-nsp] Netscreen Authentication

M.Mihailidis mixalism at gmail.com
Tue May 6 10:00:27 EDT 2008 

Yes it's the cache or authenticated sessions just cleared them both and re
authentication was requested but as it seems I cannot use that feature
because I cannot control or ask the users to clear their web browsers cache
cookies etc etc. The thing is to control them without interfering their
pc.is there any other bypass for this type of authentication or I have to
use Webauth?



-----Original Message-----
From: Stefan Fouant [mailto:sfouant at gmail.com] 
Sent: Tuesday, May 06, 2008 4:47 PM
To: M.Mihailidis
Cc: Juniper-Nsp; Juniper Netscreen
Subject: Re: [j-nsp] Netscreen Authentication

Actually it sounds to me like firefox might be pulling up cached data...

Try waiting for the authentication to expire (or manually clear it),
then delete your firefox cache, then hit google and let us know what
happens.

Cheers,

Stefan Fouant

On Tue, May 6, 2008 at 9:40 AM, M.Mihailidis <mixalism at gmail.com> wrote:
>
> I have configured the time out to 1 and tried the clear auth but the
> behavior is still the same the other thing I tried was to clear all
private
> data from firefox and only then I had the users reauthenticating when they
> went to home page but still there was some strange behavior (Google search
> was possible but opening the the links forced authentication). The thing I
> want to do is not to manually force the users to re authenticate but to be
> done through the timeout like Webauth.
>
>
>
>
>
> -----Original Message-----
> From: Stefan Fouant [mailto:sfouant at gmail.com]
> Sent: Tuesday, May 06, 2008 4:34 PM
> To: M.Mihailidis
> Cc: Juniper-Nsp; Juniper Netscreen
> Subject: Re: [j-nsp] Netscreen Authentication
>
> There is indeed a timeout setting for auth users, but it sounds to me
> that it hasn't expired, hence what appears to be users "bypassing"
> authentication is actually the normal behavior.  Authentication is
> applied when a session is first created.  The user will no longer need
> to authenticate so long as that session is still active OR the auth
> timeout has not expired.
>
> You could always issue the "clear auth" and "clear session" commands
> at CLI to force the user to reauthenticate.
>
> Also, you may want to adjust your auth-server timeout for local users:
>
> set auth-server Local timeout 30
>
> Cheers,
>
> Stefan Fouant
>
> On Tue, May 6, 2008 at 4:33 AM, M.Mihailidis <mixalism at gmail.com> wrote:
> > Hello im trying to configure authentication for users. Im using auth
user
> as
> > a method but I have a question
> >
> > Isn't there a timeout for a user like webauth to relogin to have access
> > again? There is a timeout in the auth server (local)but even when the
> > username /password is shown and im not giving the right usr/pass the
user
> > still has access.
> >
> >
> >
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
> >
>
>

More information about the juniper-nsp mailing list