This article describes how you can diagnose basic authentication issues, where users are unexpectedly prompted for credentials in the browsers.
This issue can occur if the Smoothwall is unable to fetch the user credentials from the client automatically. Your users might have a dialog box open and request their credentials, but even after they enter the correct credentials, it doesn't allow them to bypass this.
Possible issues and their solutions
- This could be an issue with the authentication service on the Smoothwall, for example, it's either not running, has communication or validation issues.
To find out the exact cause of where a fault has been found, what the cause of the problem is and how to resolve it:
- In the Smoothwall, on the SERVICES menu, under the Authentication submenu, click Directories, and then for the relevant directory connection, click Diagnose.
- The other cause could be an application running in the background that's not capable of sending authentication answers to the proxy. Applications, other than browsers, generally, don't support proxy authentication.
To solve this, either:
- Add exceptions that bypass authentication for the destinations these application access.
- Change the authentication method to a method where users login to Smoothwall when they log into their system, rather than when they browse.
When troubleshooting and looking at the logs to find the destinations these applications go to, look for entries showing the code 407 in the code column. A 407 signifies proxy authentication required. Any entries with 407 as the code that does not result in a subsequent 200 for accessing the same destination, signifies that the proxy never received an authentication reply from the client.