This rule sets the criteria for content filtering of HTTP Request Header authorization fields. When a web server starts a WWW-Authenticate challenge, it sends information about which authentication methods it can use. The proxy puts limits on the type of authentication sent in a request. It uses only the authentication methods that the web server accepts. With a default configuration, the XTM device allows Basic, Digest, NTLM, and Passport1.4 authentication, and strips all other authentication. You can add, delete, or modify rules in the default ruleset.
If you modified a predefined proxy action, when you save the changes you are prompted to clone (copy) your settings to a new action.
For more information on predefined proxy actions, see About Proxy Actions.
About the HTTP-Proxy