topic admin override an URL and set a cookie in General Topics

admin override an URL and set a cookie

migration — Wed, 23 Feb 2011 08:05:16 GMT

Hello world,

when using the "admin override" function, I thought that PA is seting a session cookie for the browser.

Unfortunatly, it looks like, the PA is just storing the source IP.

When using a proxy, all connections of the overriden page are from the same IP. Thus one guy having the right override password can enable access for *all* users of that proxy. 😕 I've just tested that with two seperate machines using the same proxy.

Isn't there a chance of seting a cookie into the browser?

How have you guys solved above situation?

Cheers and a lot of thanks

Marcus

Re: admin override an URL and set a cookie

dburns — Thu, 24 Feb 2011 03:22:04 GMT

Currently the Admin Override function is designed to remeber the IP address. If all your users are connected through a proxy, then yes they will all be allowed. There is no work around for this setup, short from removing the Proxy.

Dominic

Re: admin override an URL and set a cookie

migration — Thu, 24 Feb 2011 08:22:16 GMT

Hi Dominic,

thanks for that answer. At least I'm shure of not geting it to work now. 🙂

The actual point is, that I need to have some special users to have access to URL-groups others have not. The proxy is unfotunatly mandatory. 😕

There would be a way of geting the proxy to do the authentication, if he would know which category the URL is in. Is there a way of geting the URL-Filter data file from the PA-500? If I could download it to my squid, there would be ways of implement that information into the proxy.

Thanks a lot anyway for your help.

very best regards

Marcus

Re: admin override an URL and set a cookie

migration — Mon, 14 Mar 2011 13:36:38 GMT

Hi Pauli,

if I can, why you placed PA after the Proxy and not before?

In this way you can't see real applications or users making traffic.

Regards