Once you have configured WinGate to use a selected user database, you can then use the users and groups to implement security throughout WinGate.
Authentication in the WinGate Management console
The WinGate Management console is typically used to administer WinGate, but it can also be used by users to authenticate to WinGate. Restricted permissions can be used to prevent unauthorised changes to WinGate configuration or viewing of data that should not be accessible to users.
WinGate allows you to set access permissions to a wide range of objects in WinGate, based on a user or their membership of a particular group. This allows you to control who can log into the WinGate Management console, and what screens and controls they are allowed to see and/or access.
By default, full access is granted on all permission items to members of the Administrators group (Domain administrators for the Active Directory Connector).
The User / Group check item in policy can check whether a user associated with the associated event (e.g. who has made a request, who is trying to access a WinGate service etc.) is a member of a group or not, and can therefore be used to perform per-user or per-group policy.
The Policy system can force the user to identify (authenticate) themselves to WinGate before allowing them to make an Internet request, access a WinGate service etc.
The Policy system provides the User/Group check policy item to see whether the person identified (authenticated) by WinGate is a certain person, or a member of a specific group. When used in conjunction with other policy items, the User / Group check item allows you to set precise control on what users and groups can actually request, and access through WinGate.
You can use any of the WinGate policy scripting items (Run Javascript script, Run Lua script, Expression Evaluator) to access the User object published in WinGate. The User object provides methods to access user related information. See the WinGate objects section below for a description of the User object.
When using a WinGate script system (Javascript event processor, Lua event processor etc.) or a WinGate configuration with access to the Symbol browser, you can access the User object published in the WinGate Schema to access the relevant data associated with the user. The User object published by the User Database Manager provides methods which you can use to obtain and evaluate user information.
Member |
Type |
Description |
|---|---|---|
AccountName |
String |
The user's account name. String objects have various member functions that can be used in this context. e.g. A script could contain: User.AccountName.Contains("Smith") This would check to see if the Account Name for the user contained the string "Smith" regardless of case. |
Description |
String |
The Description field of the user as a string object. |
FullName |
String |
The user's full name, as found in the Full Name field of the users properties |
GUID |
String |
The GUID assigned to the user object as a string object. |
Name |
String |
The name of the user object as a string object. e.g. A script could contain: User.Name=="Smith" This would check to see if the username of the user is equal to "Smith". |
SID |
String |
The security identifier (SID) of the user as a string object. |
Type |
Number |
A numeric value representing the type of the object. 1 for a user object, 2 for a group object. |
You can use basic Full-Text Searches against the page title and body to find matching articles. Use the following search modifiers to refine your query:
