Blue Coat Systems Time Clock Proxy SG Manual de usuario descargar pdf (Pagina 175)

Chapter 4: Property Reference

175

deny.unauthorized( )

The deny.unauthorized property instructs the ProxySG to issue a challenge (401 Unauthorized or 407

Proxy authorization required). This indicates to the client that the resource cannot be accessed with

their current identity, but might be accessible using a different identity. The browsers typically

respond by bringing up a dialog box so the user can change their identity. (The

details string appears

in the challenge page so that if the user cancels, there is some additional help information provided).

Typically, use

deny( ) if the policy rule forbids everyone access, but use deny.unauthorized if the

policy rule forbids only certain people.

Syntax

deny.unauthorized

deny.unauthorized(details)

where details is a string defining a message to be displayed to the user. The details string may

contain CPL substitution variables.

Discussion

If current policy contains rules that use the

authenticate() or authenticate.force( ) properties,

the

deny.unauthorized( ) property is equivalent to exception(authorization_failed). If policy

does not contain any rules that require authentication,

deny.unauthorized( ) is equivalent to

exception(policy_denied)

The identity of the exception being returned can be tested in an

<Exception> layer using

exception.id=.

Layer and Transaction Notes

•Use in

<Proxy> layers.

• Applies to HTTP transactions. For other protocols, the property is the equivalent to

deny( ).

Sin comentarios

Blue Coat Systems Time Clock Proxy SG Manual de usuario Pagina 175