Cisco Cisco Web Security Appliance S660 Guida Utente
M A T C H I N G C L I E N T R E Q U E S T S T O I D E N T I T Y G R O U P S
C H A P T E R 7 : I D E N T I T I E S
133
Figure 7-2 Policy Group Flow Diagram for Identities - No Surrogates and IP-Based Surrogates
Receive request from client.
Assign the Identity and then evaluate the
request against the other policy types.
No
Is the client subnet in the Identity
group’s list of subnet(s)?
Compare the client request
against the next (or first) Identity
group in the policies table.
Yes, or none defined
Does the Identity group require
authentication?
No
Yes
Does the client successfully
authenticate as a member of the
applicable realm or sequence?
Yes
No
Yes, or none defined
Is the URL category of the request URL in
the Identity group’s list of URL categories
in the Advanced section?
Is the proxy port in the Identity group’s
list of ports in the Advanced section?
No
No
Terminate the request.
Reply to client with
authentication required.
Yes, or none defined
Is the user agent in the policy group’s list
of user agents in the Advanced section?
No
Yes, or none defined
Does the Identity support guest privileges
for users failing authentication?
No
Yes