Questions regarding enhanced web authentication mode from 11.2.x
Questions
1) Since Negotiate Authentication Method is added to the Default Option of Basic (WebEngine) Robot Configuration, can you tell us more about its' use cases?
(Robot Configuration > Basic > Configure... > Authentication Method
2) What is the use case for automatic usage of Negotiate protocol when a proxy server is configured for a robot? Does it mean that this Negotiate Authentication is allowing SPNEGO authentication mode as well?
3) There were changes in the SSL/TLS encryption protocols from 11.2
In 11.1, there were a lot of options to choose here.
However, going up to 11.2, you only have:
- Secure TLS
- Less secure TLS
4) We were able to confirm that this Preemptive Authentication property exists in 11.1.0.4 "Call REST Web Service" & "Call SOAP Web Service" step. We would like to know the reason you guys are putting this on the release notes?
Answers
1) With this feature, we are extending the capabilities to also use the Kerberos authentication mechanism required for some Microsoft Windows server configurations.
2) This is to support proxy servers configured to only support Kerberos authentication. It also allows SPNEGO.
3) The Secure option will always allow only the most secure version of TLS while the Less Secure option will allow the robot to negotiate a less secure version of TLS/SSL if the remote web server does not support the highest level of security.
This was changed to make it easier to configure robots to default to the most secure version of TLS in the future when there are changes and/or updates on remote servers instead of having preselected a specific TLS version.
4) It was a new feature in 11.2. It was backported to 11.1.0.4.
Level of Complexity
Moderate
Applies to
| Product | Version | Build | Environment | Hardware |
|---|---|---|---|---|
| RPA | 11.2 |
References
-