[Forcepoint] [WCG] Firefox users are prompted for credentials with transparent authentication

Modified on Sun, 18 Jun, 2017 at 10:56 AM


When enabling a proxy with authentication (IWA, NTLM), using Firefox still prompts for user credentials to the WCG.


By default, Firefox does not automatically send an NTLM response when users are being authenticated.


In the Firefox address bar, type the following:

  • about:config

Search for the following setting:

  • network.automatic-ntlm-auth.trusted-uris

Edit the string value (Kerberos) to include the IP(s) (including any VIP address), host, and fully qualified domain name of the Content Gateway. You may even want to add the active directory FQDN.

NOTE: Due to the nature of how transparent proxy works, NTLM authentication will look like it is coming from the destination site even though it is really Websense Content Gateway that is making the request. If you are using a transparent proxy implementation, you will want to change the string value to:

  • http://,https://,ftp://

Batch script:

@echo off

echo ==================================
echo    Enabling Firefox Proxy Auth
echo ==================================
cd /D "%APPDATA%\Mozilla\Firefox\Profiles\*.default*"
echo user_pref("network.automatic-ntlm-auth.trusted-uris", "http://,https://,ftp://");>>prefs.js
echo Done!

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article