Does MS Forefront TMG cache authentication?

Posted by SnOrfus on Server Fault See other posts from Server Fault or by SnOrfus
Published on 2011-05-24T17:24:49Z Indexed on 2012/09/19 15:42 UTC
Read the original article Hit count: 512

Filed under:

windows-server-2008-r2

|

ms-forefront-2010

I'm testing a client machine that makes requests to a biztalk server using a forefront machine as a web proxy. Upon first test I put in an invalid name/password into the receive port and received the correct error message (407). Then, I set the correct name/password and everything worked correctly.

From there, I kept the correct information in the receive port but put an invalid name/password into the send adapter but the process completed successfully (should have failed with 407).

I've ensured that both the recieve and send ports are not bypassing the proxy for local addresses.

So the only thing that seems to make sense is if TMG is caching the authentication request coming from the machine I'm working on.

Is this thinking correct, and if so, does anyone know how to disable it in TMG?

© Server Fault or respective owner

Related posts about windows-server-2008-r2

Cannot enable network discovery on Windows Server 2008 R2

as seen on Server Fault - Search for 'Server Fault'
I'm trying to enable the Network Discovery feature on a newly installed Windows Server 2008 R2 instance. The network connection is in the Home or Work profile (it is not domain joined). These are the steps I've followed: Within the Network and Sharing Center I select Change advanced sharing settings Then… >>> More
Windows Server 2008 R2: AD Module for Windows PowerShell

as seen on Internet.com - Search for 'Internet.com'
Windows Server 2008 R2 includes a new Active Directory module for Windows PowerShell, a consolidated group of 76 cmdlets that can perform a host of tasks against Active Directory's various services. >>> More
Windows Server 2008 R2: Introducing the AD Administrative Center

as seen on Internet.com - Search for 'Internet.com'
The Active Directory Administrative Center in Windows Server 2008 R2 is a significant improvement over its predecessor. Although not without limitations, it offers beefed-up management of AD objects, new navigation capabilities, better task-based management options, and improvements to the properties… >>> More
Sun Fire X4270 M3 SAP Enhancement Package 4 for SAP ERP 6.0 (Unicode) Two-Tier Standard Sales and Distribution (SD) Benchmark

as seen on Oracle Blogs - Search for 'Oracle Blogs'
Oracle's Sun Fire X4270 M3 server achieved 8,320 SAP SD Benchmark users running SAP enhancement package 4 for SAP ERP 6.0 with unicode software using Oracle Database 11g and Oracle Solaris 10. The Sun Fire X4270 M3 server using Oracle Database 11g and Oracle Solaris 10… >>> More
Now Customers Can Actually Locate Your Resources with URL Rewriter 2.0 RTW

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
Today, Microsoft announced the final release of IIS URL Rewriter 2.0 RTW . Now the first reason might be obvious why you would want to rewrite a URL – when you are at a cocktail party with loud music and tasty appetizers and a potential customer asks you where they can get more info on your snazzy… >>> More

Related posts about ms-forefront-2010

Forefront TMG vs pfSense

as seen on Server Fault - Search for 'Server Fault'
We currently run pfSense with no problems, however we are looking at TMG as it is included in our partner subscription to MS and allows Windows 7 DirectConnect features to our domain for off-site users. I have had a google, but there don't seem to be any comparisons of TMG to pfSense. Anyone have… >>> More
Does MS Forefront TMG cache authentication?

as seen on Server Fault - Search for 'Server Fault'
I'm testing a client machine that makes requests to a biztalk server using a forefront machine as a web proxy. Upon first test I put in an invalid name/password into the receive port and received the correct error message (407). Then, I set the correct name/password and everything worked correctly… >>> More
Syntax for file and process exclusions in Forefront Endpoint Protection?

as seen on Server Fault - Search for 'Server Fault'
I can't seem to find an official and up-to-date documentation on how to set up file and process exclusions in Forefront Endpoint Protection 2012. For file types, which of these will work? Are they the same? ext .ext *.ext What about wildcards? .e?t .e* .*t For file paths, which wildcards… >>> More
Forefront UAG vs. Server 2012 Direct Access

as seen on Server Fault - Search for 'Server Fault'
So I'm working on bringing my company into the 21'st century, with virtual servers, active directory, ADFS, SSO etc. Its a huuuuge project, with a future goal of ISO 27001 cerification. The current question is, does the Direct Access role offered by Server 2012 perform the same role as Forefront… >>> More