HTTP Request: Authorization

This rule sets the criteria for content filtering of HTTP Request Header authorization fields. When a web server starts a WWW-Authenticate challenge, it sends information about which authentication methods it can use. The proxy puts limits on the type of authentication sent in a request. It uses only the authentication methods that the web server accepts. With a default configuration, the Firebox allows Basic, Digest, NTLM, and Passport1.4 authentication, and strips all other authentication. You can add, delete, or modify rules in the default rule set.

  1. In the HTTP Proxy Action configuration, select HTTP Request > Authorization.
  2. Configure the rule action.
    For more information, go to Add, Change, or Delete Rules.
  3. To change settings for another category in this proxy, see the topic for that category.
  4. Save the configuration.

If you modified a predefined proxy action, when you save the changes you are prompted to clone (copy) your settings to a new action.

For more information on predefined proxy actions, go to About Proxy Actions.

Related Topics

About the HTTP-Proxy