Manualsbrain.com
  1. Manuali
  2. Marche
  3. Blue Coat Systems
  4. Time Clock Proxy SG
  5. Manuale Utente

Blue Coat Systems Time Clock Proxy SG Manuale Utente

Scarica
Pagina di 314
ProxySG Content Policy Language Guide
112
realm=
Tests if the client is authenticated and if the client has logged into the specified realm. If both of these 
conditions are met, the response is true. In addition, the 
group=
 condition can be used to test whether 
the user belongs to the specified group. This trigger is unavailable if the current transaction is not 
authenticated (for example, the 
authenticate
 property is set to 
no
).
If you reference more than one realm in your policy, consider disambiguating user, group and 
attribute tests by combining them with a 
realm=test
. This reduces the number of extraneous queries 
to authentication services for group, user or attribute information that does not pertain to that realm.
Syntax
realm=realm_name
where 
realm_name
 is the name of an NTLM, Local Password, RADIUS, LDAP, Certificate, or 
Sequence realm. Realm names are case-insensitive for all realm types.
Layer and Transaction Notes
Use  in 
<Admin>
 and 
<Proxy>
 layers.
Applies to proxy and administrator transactions.
Examples
; This example tests if the user has logged into realm corp and 
; is authenticated in the specified group.
realm=corp group=all_staff
; This example uses the realm property to distinguish the policy applied 
; to two groups of users--corp’s employees, and their corporate partners and 
; clients. These two groups will authenticate in different realms.
<proxy>
client.address=10.10.10/24 authenticate(corp)   ; The corporate realm
authenticate(client) ; Company partners & clients
<proxy> realm=corp ; Rules for corp employees
allow url.domain=corp.com ; Unrestricted internal access
category=(violence, gambling) exception(content_filter_denied)
<proxy> realm=client ; Rules for business partners & clients
allow group=partners url=corp.com/partners ; Restricted to partners
allow group=(partners, clients) url=corp.com/clients ; Both groups allowed
deny
; Additional layers would continue to be guarded with the realm, so that only
; the ‘client’ realm would be queried about the ‘partners’ and ‘clients’ groups.
See Also
Conditions: 
attribute.name=
authenticated=
group=
has_attribute.name=
http.transparent_authentication=
user=
user.domain=