This rule sets the criteria for content filtering of HTTP Request Header authorization fields. When a web server starts a WWW-Authenticate challenge, it sends information about which authentication methods it can use. The proxy puts limits on the type of authentication sent in a request. It uses only the authentication methods that the web server accepts. With a default configuration, the Firebox allows Basic, Digest, NTLM, and Passport1.4 authentication, and strips all other authentication. You can add, delete, or modify rules in the default ruleset.
- In the HTTP Proxy Action configuration, select HTTP Request > Authorization.
- Configure the rule action.
For more information, see Add, Change, or Delete Rules.
- To change settings for another category in this proxy, see the topic for that category.
- Save the configuration.
If you modified a predefined proxy action, when you save the changes you are prompted to clone (copy) your settings to a new action.
For more information on predefined proxy actions, see About Proxy Actions.