Справочник Пользователя для Blue Coat Systems Proxy SG
Chapter 3: Condition Reference
69
exception.id=
Tests whether the exception being returned to the client is the specified exception. It can also be used
to determine whether the exception being returned is a built-in or user-defined exception.
to determine whether the exception being returned is a built-in or user-defined exception.
Built-in exceptions are handled automatically by the ProxySG but special handling can be defined
within an
within an
<Exception>
layer. Special handling is most often required for user-defined exceptions.
syntax
exception.id=exception_id
where
exception_id
is either the name of a built-in exception of the form:
exception_id
or the name of a user defined exception in the form:
user_defined.exception_id
In addition to testing the identity of exceptions set by the
exception( )
property,
exception.id=
can also test for exceptions returned by other CPL gestures, such as
policy_denied
, returned by the
deny( )
property and
policy_redirect
returned by the
redirect( )
action.
Layer and Transaction Notes
•
Use in
<Exception>
layers.
•
Applies to proxy transactions.
Examples
This example illustrates how some commonly generated exceptions are caught. Appropriate subnet
and action and category definitions are assumed.
and action and category definitions are assumed.
<Proxy> url.domain=partner.my_co.com/
action.partner_redirect(yes) ; action contains redirect( )
<Proxy> url.domain=internal.my_co.com/
force_deny client.address!=mysubnet
authenticate(my_realm)
<Proxy> deny.unauthorized
url.domain=internal.my_co.com/hr group=!hr;
; and other group/user restrictions ...
<Proxy> category=blocked_sites
exception(user_defined.restricted_content )
; could probably have used built in content_filter_denied
; Custom handling for some built-in exceptions
;
<Exception>
; thrown by authenticate( ) if there is a realm configuration error
exception.id=configuration_error action.config_err_alerts(yes)
; thrown by deny.unauthorized
exception.id=authorization_failed action.log_permission_failure(yes)