Cisco Cisco Web Security Appliance S670 사용자 가이드

Adobe Acrobat Updates

HttpBridge

Subversion, by CollabNet

Microsoft Windows Update

Microsoft Visual Studio

Workaround: Create a class of user for the URL that does not require authentication.

When the user’s first client request is a POST request and the user still needs to authenticate, the POST 
body content is lost. This might be a problem when the POST request is for a application with the Access 
Control single sign-on feature in use.

Workarounds:

Have users first authenticate with the Web Proxy by requesting a different URL through the browser 
before connecting to a URL that uses POST as a first request. 

Bypass authentication for URLs that use POST as a first request. 

When working with Access Control, you can bypass authentication for the Assertion Consumer 
Service (ACS) URL configured in the Application Authentication Policy.

.

If both the appliance and the upstream proxy use authentication with NTLMSSP, depending on the 
configurations, the appliance and upstream proxy might engage in an infinite loop of requesting 
authentication credentials. For example, if the upstream proxy requires Basic authentication, but the 
appliance requires NTLMSSP authentication, then the appliance can never successfully pass Basic 
credentials to the upstream proxy. This is due to limitations in authentication protocols. 

Configuration: