SSL VPN
Blogs
Discussion Forums
Programs & Events
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
elad
Visitor
elad
Posts: 2
Registered: ‎10-30-2008
0

SSO with Client Certificate

Options

‎12-10-2008 11:50 PM

Hi,

 

I  have in my company  SA 2500, we work with client certificate.

the problem is, when we work with SSO on files sharing (I work with Autopolicy: Windows Server Single Sign-On)

I have to choose three option:

1. Use System Credentials.

2.Use predefined credentials, then I enter a user name and password (user from the domain )

3.Disable SSO

 

So, when I use the first option, when I try to reach the resource the IVE ask for Credentials.

but when I use the second option, I reach to the resource successfuly.

 

I theck with a sniffer and I find out that when I use the first option, the IVE never try to to reach the resource.

and when I use the second option, I can see the request from the IVE to the specific resource.

 

what can be the problem? I what the IVE use the  client certificate to reach that resource.

 

  Thx a lot, Elad Rabinovich

Message 1 of 2 (3,032 Views)
 
Reply
Tessian
Contributor
Tessian
Posts: 77
Registered: ‎07-07-2008
0

Re: SSO with Client Certificate

Options

‎12-16-2008 08:21 AM

I'm confused... how does Juniper know the person's username and password for the user on your domain?  You've only given it a client certificate which I'd assume you're using a field that contains their username, but no password.  I'd assume that's why it's not working with System credentials; it's not even bothering to try since it doesn't have a password to send to Windows for authentication. 

Message 2 of 2 (2,977 Views)
 
Reply
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.