Configure single sign-on (SSO) to automatically log the SSL VPN user in to a web-based service when accessing a web forward. As login credentials, you can use either the session username and password, or custom user attributes. User attributes are entered by the end user the first time the web resource is launched. Websites using one of the following authentication methods are supported:
- HTTP Authentication
- Form-Based Authentication
HTTP authentication is a basic method for authenticating users. An HTTP header is inserted into the HTML page, and the browser then queries the user for a username and password. HTTP authentication is supported in three variants: basic, digest, and NTLM authentication. The authentication type is automatically detected by the Barracuda NextGen Firewall X-Series. To automatically log into web forwards using HTTP authentication, you can use static user credentials or user attributes. User attributes can either be the session username or password, or custom values that are configurable by the end user.
Form-based authentication is used when the login credentials are entered on a HTML page. Open the source of the page and look at the HTML code in between the and tags. The X-Series Firewall can automatically log users into web forwards. The form-based authentication type is determined by the HTML source of the login page.