Blue Coat Systems Time Clock Proxy SG Manual de usuario Pagina 112
- Pagina / 314
- Tabla de contenidos
- SOLUCIÓN DE PROBLEMAS
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
ProxySG Content Policy Language Guide
112
realm=
Tests if the client is authenticated and if the client has logged into the specified realm. If both of these
conditions are met, the response is true. In addition, the
group= condition can be used to test whether
the user belongs to the specified group. This trigger is unavailable if the current transaction is not
authenticated (for example, the
authenticate property is set to no).
If you reference more than one realm in your policy, consider disambiguating user, group and
attribute tests by combining them with a
realm=test. This reduces the number of extraneous queries
to authentication services for group, user or attribute information that does not pertain to that realm.
Syntax
realm=realm_name
where realm_name is the name of an NTLM, Local Password, RADIUS, LDAP, Certificate, or
Sequence realm. Realm names are case-insensitive for all realm types.
Layer and Transaction Notes
•Use in
<Admin> and <Proxy> layers.
• Applies to proxy and administrator transactions.
Examples
; This example tests if the user has logged into realm corp and
; is authenticated in the specified group.
realm=corp group=all_staff
; This example uses the realm property to distinguish the policy applied
; to two groups of users--corp’s employees, and their corporate partners and
; clients. These two groups will authenticate in different realms.
<proxy>
client.address=10.10.10/24 authenticate(corp) ; The corporate realm
authenticate(client) ; Company partners & clients
<proxy> realm=corp ; Rules for corp employees
allow url.domain=corp.com ; Unrestricted internal access
category=(violence, gambling) exception(content_filter_denied)
<proxy> realm=client ; Rules for business partners & clients
allow group=partners url=corp.com/partners ; Restricted to partners
allow group=(partners, clients) url=corp.com/clients ; Both groups allowed
deny
; Additional layers would continue to be guarded with the realm, so that only
; the ‘client’ realm would be queried about the ‘partners’ and ‘clients’ groups.
See Also
• Conditions:
attribute.name=, authenticated=, group=, has_attribute.name=,
http.transparent_authentication=, user=, user.domain=
- Blue Coat Systems 1
- THIRD PARTY COPYRIGHT NOTICES 3
- Copyrights 5
- Supported Browsers 10
- Document Conventions 10
- Contents 11
- Concepts 19
- Policy Model 20
- CPL Language Basics 21
- Sections 24
- Definitions 25
- Referential Integrity 26
- Writing Policy Using CPL 27
- Authentication and Denial 28
- Installing Policy 29
- Troubleshooting Policy 30
- Upgrade/Downgrade Issues 30
- Conditional Compilation 31
- Administrator Transactions 33
- Proxy Transactions 33
- Cache Transactions 35
- Forwarding Transactions 36
- Understanding Layers 37
- <Cache> Layers 38
- <Exception> Layers 39
- <Forward> Layers 39
- <Proxy> Layers 40
- Layer Guards 40
- Understanding Sections 41
- [url.domain] 43
- [url.regex] 43
- [server_url.domain] 43
- Defining Policies 44
- Blacklists and Whitelists 45
- Avoid Conflicting Actions 47
- Making Policy Definitive 47
- Best Practices 48
- Condition Reference 49
- Pattern Types 50
- Unavailable Triggers 51
- • Definitions: 63
- , authenticated=, group= 75
- , realm=, user=, user.domain= 75
- "url=" on page 137 108
- See Also 108
- Conditions: 108
- • Conditions: 120
- • Definitions: define subnet 120
- Examples 126
- Property Reference 153
- •Properties: 169
- Chapter 4: Property Reference 195
- ❐ proxy_address= 216
- ❐ proxy_card= 216
- ❐ proxy_port= 216
- ❐ client_address= 216
- ❐ socks.version= 216
- Action Reference 227
- • Properties: 243
- Definition Reference 245
- , condition= 253
- •Actions: 256
- • Definitions: define action 256
- •Properties: action( ) 256
- Condition: 259
- , server_url.domain= 259
- • Condition: 264
- Glossary 271
- Testing and Troubleshooting 275
- Enabling Request Tracing 276
- Recognized HTTP Headers 281
- CPL Substitutions 283
- Filter File Syntax 299
- Filter-Part Components 300
- ALL Statements 302
- Action-Part Components 305
- Evaluation Order 306
- Upgrading from CacheOS 307
© 2020, manymanuals.es. Todos los derechos reservados | 1.108 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales