WinGate 9 Http Proxy authentification issue

Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems

Moderator: Qbik Staff

WinGate 9 Http Proxy authentification issue

Postby Gregor » Jun 24 20 8:08 pm

Hello. I am using WinGate 9 free edition with the WinGate user database engine.
I need to set up an Http proxy server with authentification but have some troubles with this.
I have a java application that sends API requests with the proxy settings specified and these requests are blocked with the WinGate.

My configuration is:
  • WWW Proxy Server with the Basic authentification enabled
  • testUser created in the "Users and Groups"
  • The following access rules created:
    • "Proxy Enabled" - access is allowed for the testUser "From anywhere" to "All"
    • "Banned" - access denied for "Everyone" "From anywhere" to "All"
I am expecting my user, specified with the request, will be validated and the first rule will get hits but all my requests are blocked with the second rule. I can see the following data in the log:
554 6/24/2020 8:57:00.200 127.0.0.1 Administrator WWW Proxy Server 22384 111 info 1 New connection:
555 6/24/2020 8:57:00.200 127.0.0.1 Administrator WWW Proxy Server 22384 111 info 3 Request: CONNECT telemetryqa.broadcom.com:443
556 6/24/2020 8:57:00.201 127.0.0.1 Administrator WWW Proxy Server 22384 111 debug 0 Sending status 403 to client with 2547 bytes
557 6/24/2020 8:57:00.201 127.0.0.1 Administrator WWW Proxy Server 22384 111 info 2 Traffic: 2547 159 0 0 0s
558 6/24/2020 8:57:00.201 127.0.0.1 Administrator WWW Proxy Server 22384 111 info 10 Session terminated: tunnel closed


What is wrong with my configuration?
Attachments
Rules.jpg
Access rules
Rules.jpg (239.04 KiB) Viewed 2109 times
Proxy.jpg
Proxy
Proxy.jpg (57.46 KiB) Viewed 2109 times
Gregor
 
Posts: 1
Joined: Jun 24 20 7:31 pm

Re: WinGate 9 Http Proxy authentification issue

Postby adrien » Jun 30 20 10:13 am

Hi

can you see if the client is sending the auth header?

Normally with http authentication, the client sends a request initially, and the proxy would reply with a 407 status code with an auth challenge, the client would try again with the credentials provided. With BASIC auth, there's only 1 step, since the user/pass are encoded into a single header.

This should be showing in the logs immediately before the 403 response.

Regards

Adrien de Croy
adrien
Qbik Staff
 
Posts: 5441
Joined: Sep 03 03 2:54 pm
Location: Auckland


Return to WinGate

Who is online

Users browsing this forum: Bing [Bot] and 26 guests