Cisco Cisco Web Security Appliance S670 故障排查指南

Contributed by Kei Ozaki and Siddharth Rajpathak, Cisco TAC
Engineers.

Jul 17, 2014

How do I exempt certain sites from requiring authentication?

To exempt sites from authentication, you would need to create a special policy and order it above everything
else. You can follow similar steps to exempt certain client IPs from being authenticated as well.

Choose "Web Security Manager" > "Custom URL categories" and click on "Add Custom Category".
Give it an informative name (Ex: AuthExempt). Add the URL or host name to exempt from
authentication.

1. 

Choose "Web Security Manager" > "Identities" and click on "Add Identity."
Here is an example:
Name: "AuthExempt Identity"
Insert Above: Set to order 1
Define Members by Subnet: Blank
Define Members by Authentication: "No Authentication Required"
Advanced > "URL Categories": Click on "None Selected" and select "AuthExempt"

2. 

Choose "Web Security Manager" > "Access Policies" and click on "Add Policy."
Here is an example:
Policy Name: "Authentication Exemption"
Insert Above Policy: Set to Order 1
Identity Policy: "AuthExempt Identity"
Advanced: None

3. 

By following the steps above, your request destined to URLs listed under "AuthExempt" category will match
against identity "AuthExempt" Identity, then the request would match the access policy "Authentication
Exemption" and the request would be exempt from being asked for user credentials/authentication.

Updated: Jul 17, 2014

Document ID: 118003