How to enable non-SSL connections for authentication via the WebAPI

The Authlogics Authentication Server supports WebAPI based authentication via the AuthenticateUser function on /services/wsapi.asmx endpoint. This API supports the processing of One Time Passcodes, as well as passwords since version 4.0. To ensure that passwords are not transmitted unencrypted the API requires SSL (HTTPS) based connections.

In certain scenarios, it may be required to allow non-SSL based connections to the AuthenticateUser function.

  1. Add a new binding in IIS on the Authlogics Authentication Server web site of type HTTP and specify a port number, e.g. 14000:mceclip1.png
  2. If a non-standard port was used, add a new Inbound Rule called "Authlogics Authentication Server Web Services HTTP" to the Windows Defender Firewall with Advanced Security to allow the incoming connection:mceclip2.png
  3. Lastly, add the following registry key on the Authlogics Authentication Server to prevent it from rejecting non-SSL connections:
[HKEY_LOCAL_MACHINE\SOFTWARE\Authlogics\Authentication Server]
AllowNonSslAuthentication (REG_DWORD) = 1

No reboots or restarts are required.

 

Note: Authlogics does NOT recommend enabling non-SSL connections when processing password-based logons via the API.

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.