Cisco Cisco Web Security Appliance S690 사용자 가이드
20-3
Cisco IronPort AsyncOS 7.0 for Web User Guide
OL-23079-01
Chapter 20 Authentication
Authentication Overview
Client Application Support
When the Web Security appliance is deployed in transparent mode and a
transaction requires authentication, the Web Proxy replies to the client application
asking for authentication credentials. However, not all client applications support
authentication, so they have no method for prompting users to provide their user
names and passwords. These applications cannot be used when the Web Security
appliance is deployed in transparent mode.
transaction requires authentication, the Web Proxy replies to the client application
asking for authentication credentials. However, not all client applications support
authentication, so they have no method for prompting users to provide their user
names and passwords. These applications cannot be used when the Web Security
appliance is deployed in transparent mode.
The following is a partial list of applications that do not work when the appliance
is deployed in transparent mode:
is deployed in transparent mode:
•
Mozilla Thunderbird
•
Adobe Acrobat Updates
•
HttpBridge
•
Subversion, by CollabNet
•
Microsoft Windows Update
•
Microsoft Visual Studio
Note
If users need to access a particular URL using one of these client applications,
then create an Identity based on a custom URL category that does not require
authentication and place the Identity above all other Identities that require
authentication. When you do this, the client application will not be asked for
authentication.
then create an Identity based on a custom URL category that does not require
authentication and place the Identity above all other Identities that require
authentication. When you do this, the client application will not be asked for
authentication.
Working with Upstream Proxy Servers
When the Web Security appliance is connected to an upstream proxy server, you
can configure the appliance or the upstream proxy to use authentication, but not
both. Cisco recommends configuring the Web Security appliance to use
authentication. This allows you to create policies based on user authentication.
can configure the appliance or the upstream proxy to use authentication, but not
both. Cisco recommends configuring the Web Security appliance to use
authentication. This allows you to create policies based on user authentication.
If both the appliance and the upstream proxy use authentication, depending on the
configurations, the appliance and upstream proxy might engage in an infinite loop
of requesting authentication credentials. For example, if the upstream proxy
configurations, the appliance and upstream proxy might engage in an infinite loop
of requesting authentication credentials. For example, if the upstream proxy