Authentication is not working

Authentication is not working

Issues

If your LDAP configuration is improper, you should face authentication issue
If your user name or password is wrong, you should face authentication issue
In case of SSO authentication if your access policies under access restriction section are not properly configured, you should face authentication issue.
In case of SSO authentication if your entered wrong password multiple times for LDAP fail over your password should save under Reports > password cache on SafeSquid interface, you should face authentication issue.
If SSO configuration is improperly configured, you should face authentication issue
If time and date synchronization is not same among proxy server,active directory and client machine, you should face authentication issue

Solution

Case 1: If your LDAP configuration is improper, you should face authentication issue
Integrate Active Directory for Simple Authentication as per the link so that your authentication issue will solve.
Verify it from SafeSquid Logs.
  1. GET http://safesquid.cfg/ HTTP/1.1
  2. Host: safesquid.cfg
  3. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
  4. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  5. Accept-Language: en-US,en;q=0.5
  6. Accept-Encoding: gzip, deflate
  7. Connection: keep-alive
  8. Upgrade-Insecure-Requests: 1
  9. Proxy-Authorization: Basic c2FtaWRoYWs6c2FydmE=
  10. 2019 04 08 16:34:56.398 [11750] debug: ldap: set_dn:1009 ip:[192.168.0.10] user:[SAMIDHAK@SAFESQUID.TEST] DN:[CN=samidhak,DC=safesquid,DC=test] Groups:[DC=safesquid DC=test,CN=MANAGERS DC=safesquid DC=test,SAMIDHAK@SAFESQUID.TEST]
  11. 2019 04 08 16:34:56.398 [11750] error: security: [IP:192.168.0.10] password cache: authentication failed for samidhak
  12. 2019 04 08 16:34:56.399 [11750] debug: header: to 192.168.0.10:
  13. HTTP/1.1 407 Proxy Authentication Required
  14. X-Powered-By: safesquid-2019.0401.1624.3-swg-standard
  15. Proxy-Authenticate: Basic realm="sabproxy.safesquid.test"
  16. Content-Length: 0
  17. Proxy-Connection: close
  18. X-SafeSquid-Client-ID: 11750.0
Case 2: If your user name or password is wrong, you should face authentication issue
Make sure about your username and password for any authentication either it will be Simple authentication link,Basic authentication link or Interface authentication link
Case 3: In case of SSO authentication if policy configuration under Access Restriction section is improper, you should face authentication issue.
Make sure about your policy configuration under Access Restriction section as per the link
Case 4: In case of SSO authentication if authentication challenge appears on interface and your entered wrong password multiple times for LDAP fail-over your password should save/stored under Reports > password cache on SafeSquid Interface, you should face authentication issue
Access SafeSquid Interface LINK and remove all the password which you entered from Reports > password cache.
Case 5: If SSO configuration is improper, you should face authentication issue
Before Integrating Active Directory For SSO Authentication make sure your DNS configuration and NTP server configuration is as per the specify DNS and NTP server Configuration
For Integrating Active Directory for SSO Authentication follow link so that your authentication issue will solve.
Case 6: If time and date synchronization is not same among proxy server,active directory and client machine, you should face authentication issue
Verify the time and date synchronization among proxy server,active directory and client machine using following command.
Command:
  1. root@sabproxy:~# ntpdate <server_IP>
Example:
In our case Proxy server IP address: 192.168.221.222
Active Directory IP address: 192.168.221.1
Client machine IP address: 192.168.221.212 (Windows test machine)
Verify time and date synchronization from proxy server (192.168.221.222). Run below command
Command:
  1. root@sabproxy:~# ntpdate 192.168.221.1                   
25 Jan 16:44:14 ntpdate[22275]: the NTP socket is in use, exiting
Time synchronization between Proxy server and Act
Same way verify Time synchronization between Proxy server and Client machine as well as Active Directory and Client machine
All the three machines are with same time and date




    • Related Articles

    • Application not working with Authentication

      Issues Certain applications (like dropbox) not working with authentication. Root Cause Certain applications (like dropbox) which does not support proxy authentication, they want to bypass authentication for that application. Solution Follow the link ...

    • Application not working with HTTPS inspection

      Business challenge The HTTPS inspection Bypass option enables you to define specific websites that are not subject to decryption as they flow through the proxy. Some websites may include personal identification information that should not be decrypt. ...

    • SSO authentication Fail

      Troubleshooting If your configuration is exactly similar to How to and still your SSO authentication is failed 1.Make sure User Name: administrator@safesquid.test (User name should be any user from AD having administrative permissions) 2.Monit ...

    • Category update is not working

      Issues I am trying to add new websites to whitelist or black list category, but it is not updating Uploaded a new file with some websites and added to specific category, but i did not find that websites in the respective category SafeSquid interface ...

    • SSL certification errors

      Issues with their Root Cause When SSL certificate imported into chrome browser and still shows Your connection is not secured for HTTPS sites. ->Policies in HTTPS Inspection subsection may not be configured correctly. While successful configuration ...