Cisco Cisco Web Security Appliance S670 User Guide
354
I R O N P O R T A S Y N C O S 6 . 3 F O R W E B U S E R G U I D E
Figure 16-7 Global Authentication Settings
2. Edit the settings in the Global Authentication Settings section as defined in Table 16-8.
Table 16-8 Global Authentication Settings
Setting
Description
Action if Authentication Service
Unavailable
Unavailable
Choose one of the following values:
• Permit traffic to proceed without authentication.
• Permit traffic to proceed without authentication.
Processing continues as if the user was authenticated.
• Block all traffic if user authentication fails. Processing is
discontinued and all traffic is blocked.
Failed Authentication Handling
When you grant users guest access in an Identity policy, this
setting determines how the Web Proxy identifies and logs
the user as a guest in the access logs.
For more information on granting users guest access, see
“Allowing Guest Access to Users Who Fail Authentication”
on page 135.
setting determines how the Web Proxy identifies and logs
the user as a guest in the access logs.
For more information on granting users guest access, see
“Allowing Guest Access to Users Who Fail Authentication”
on page 135.
Re-authentication
(Enable Re-Authentication
Prompt If End User Blocked by
URL Category)
(Enable Re-Authentication
Prompt If End User Blocked by
URL Category)
This setting allows users to authenticate again if the user is
blocked from a website due to a restrictive URL filtering
policy.
The user sees a block page that includes a link that allows
them to enter new authentication credentials. If the user
enters credentials that allow greater access, the requested
page appears in the browser.
Note: This setting only applies to authenticated users who
are blocked due to restrictive URL filtering policies. It does
not apply to blocked transactions by subnet with no
authentication.
For more information, see “Allowing Users to Re-
Authenticate” on page 366.
blocked from a website due to a restrictive URL filtering
policy.
The user sees a block page that includes a link that allows
them to enter new authentication credentials. If the user
enters credentials that allow greater access, the requested
page appears in the browser.
Note: This setting only applies to authenticated users who
are blocked due to restrictive URL filtering policies. It does
not apply to blocked transactions by subnet with no
authentication.
For more information, see “Allowing Users to Re-
Authenticate” on page 366.