Re: Problem using RADIUS authentication on OWA web publishing rule
From: Davor Perat (davor.perat_at_del_this.perpetuum.hr)
Date: Fri, 19 Nov 2004 09:01:22 +0100
Yes, I am talking about RSA and something simillar. Thanx for yours replays.
"S. Pidgorny <MVP>" <SPidgornyMVP@discussions.microsoft.com> wrote in
> Is your "dynamic passwords" RSA SecurID or other one-time password system?
> We had this problem with SecurID, trying to adopt it for Web
> The problem is, every time you authenticate against ACE Server, current
> password expires, and subsequent authentications (that may be required for
> frames, or all HTML objects - depends on many factors) will have to use
> We came to conclusion that SecurID is good enough for VPN and telnet
> authentication but not for Web.
> "Davor Perat" wrote:
>> I have a problem when using RADIUS authentication on OWA web publishing
>> As I must use two types of authentication (RADIUS and FBA), I have use
>> article found on ISAServer.org "ISA Server 2004: Supporting Both Basic
>> Forms-based Authentication with a Single External IP Address and Web
>> Listener" to setup a configuration that uses 2 listeners, only external
>> listener uses RADIUS, and internal listener uses FBA.
>> Everything work fine when I authenticate to RADIUS server with static
>> passwords, but problems occure when i try to authenticate to RADIUS
>> with dynamic passwords. Problem is that while user is browsing OWA site
>> repeatedly sends authentication requests to RADIUS Server. When dynamic
>> password changes, user is required to login again. Is there a way to
>> ISA to authenticate only once in the beggining of session, and stay
>> authenticated during complete OWA session?