Authentication policy

In order to have a policy that will authenticate users when they attempt to access the Internet through WinGate, you will need to create the policy based on a request oriented type of event (e.g. ConnectRequest, ProxyRequest, ServerRequest, or Request). These types of events will make available a Result policy item that has an Auth option which will can be used to force users to authenticate themselves to WinGate.

How it the authentication policy works

When a user has authenticated themselves with WinGate, they will be placed for the duration of their Internet session, into a special Policy system group known as Authenticated Users.

When a user makes a connection, you can use the User/Group check policy item to see if the user is a member of this special group. If the user is not a member (i.e. they are not currently authenticated) then the policy processing can be directed to a Result policy item that will force the user to authenticate themselves as shown in the policy flow chart example below.

In this example when a user makes a server request to the WWW Proxy server (the event) the policy will the User/Group check policy item (Member of the Authenticated users group) to see if the user is a member of the Authenticated users group. If they are the policy will follow the Yes processing path to the Allow result item.

If they are not a member ( i.e. either they haven't previously been authenticated, or their authenticated session has expired) then the policy will take the No path to the Auth result, forcing them to authenticate with WinGate. Usually clients will be prompted by their browser to enter valid credentials.

To create an Authentication policy:

(Please refer to the Policy help for information about creating and configuring policies. This step by step will create the policy flowchart shown above.)

1. Open the WinGate Management console.
2. Navigate to Control Panel > Policy.
3. On the Policy panel, select New policy to create a new policy based on the type of request event that will require users to authenticate. This will open the policy editor.
4. In the Events section of the policy editor toolbox, drag the selected Event item on to the policy editor worksheet (In this example we have based the policy on the WWW Proxy Server: ProxyRequest event).
5. In the Items section of the policy editor toolbox, select the User/Groups check policy item and drag it on to the worksheet. This will open the User\Group check policy properties.

   

   Close | Close all images

6. Click the Search button to look for the Authenticated Users group.
7. Highlight the Authenticated Users group and click OK. This will return you to the policy editor worksheet where the newly configured User\Groups check will blink allowing you to give it a meaningful title to identify it in the policy flow.
8. Select the Event item that you dragged on to the worksheet, then click on the output connector and drag it onto the User/Group check policy item that that you have just configured.
9. Select a Result policy item from the policy editor toolbox, and drag it to the worksheet. This will open the Result properties.

   

   Close | Close all images

10. Configure this Result policy item to Allow.
11. Click on the YES output connector of the User/Group check policy item on the worksheet, and drag it on to the newly created Result item.
12. Select another Result policy item from the policy editor toolbox, and drag it to the worksheet. Configure this result item to Auth.
13. Click on the No output connector of the User/Group check policy item on the worksheet, and drag it on to the newly created Result item that you configured to Auth.
14. In the menu at the top of the policy editor, click Save to save the policy. The policy flow chart should look similar to the example.

    

    Close | Close all images

Note