Chapter 4: Property Reference

url.domain = !corporate.com authenticate(OurRealm, “log in for internet access”)

The next example illustrates the relation between authentication and denial. All users outside an allowed subnet are denied before authentication. They are not allowed to submit credentials to the authentication server. Users within the allowed subnet are authenticated regardless of whether they will eventually be allowed or denied, so their user names are available for the access log.

define allowed_source_ip 10.1.2.0/24 ; my subnet(s) ;...

end <proxy>

authenticate( myrealm )

<proxy>

deny client.address=!allowed_source_ip ; denied before authentication

authenticate.force(yes)

; all others denied after

<proxy>

 

deny category=(Sports, Gambling) ; would deny before auth except for force.

See Also

Conditions: authenticated=, exception.id=, group=, has_attribute.name=, http.transparent_authentication=, realm=, user=, user_domain=

Properties: authenticate.force( ), authenticate.mode( ),

authenticate.use_url_cookie( ), check_authorization( ), socks.authenticate( ), socks.authenticate.force( )

161

Page 160 Page 162
Page 161
Image 161
Blue Coat Systems Proxy SG manual 161
Page 160 Page 162
Top Page Image Contents