Authentication Modes
Web Filtering Proxy is able to enforce authentication for proxy users. Currently the application supports the following authentication modes. Next topics will describe each mode in details.
| Mode | Authentication Type | Description |
|---|---|---|
| None | Disabled | Proxy authentication is disabled. This is a default mode after installation. In this mode no proxy authentication is required and connecting proxy users can only by identified by their IP addresses. |
| IP Address Labelling | Pseudo Auth | Pseudo authentication (assigning of labels) to IP addresses in your network. |
| Client Certificate Authentication | TLS Certificates | Authentication of clients based on installed client TLS certificates. Only works in Secure Proxy mode. |
| Local Users Database | Basic Proxy Auth | Authentication using the manually managed list of user names and passwords stored in a file on the proxy server (like htpasswd for Squid or Apache). |
| Microsoft Active Directory | Negotiate Proxy Auth | Built-in Microsoft Windows single-sign-on proxy authentication using the Negotiate authentication scheme (both Kerberos and NTLM) with users from your Active Directory environment. |
In order to select which mode to use, open Admin UI / Proxy Settings / Proxy Authentication section as shown on the following screenshot. Note that some modes of authentication require additional configuration steps (see next article).
