Filter
Top Products
ProxySG Content Policy Language Guide
160
authenticate( )
Identifies the realm used to authenticate the user associated with the current transaction.
Authentication realms are referenced by the name given in configuration.
If the transaction has already been authenticated in the same realm by the SOCKS proxy, no new
authentication challenge is issued. If the realms identified in the
socks.authenticate( ) and
authenticate( ) actions differ however, a new challenge is issued.
How authentication is performed is a function of the capabilities of the realm, the protocol involved,
and the setting of the
authenticate.mode( ) property.
The
authenticate( ) action has higher precedence than allow, so a subsequent allow does not
prevent an authentication challenge.
The relation between authentication and denial is controlled through the
authenticate.force( )
property. The default setting no implies that denial overrides
authenticate( ), with the result that
user names may not appear for denied requests if that denial could be determined without
authentication. To ensure that user names appear in access logs, use
authenticate.force(yes).
Syntax
authenticate(no)
authenticate(realm_name[, display_name])
The default value is no.
where:
•
no—User authentication is not required for this transaction. No authentication challenge is issued.
•
realm_name—A realm that must be authenticated against. An authentication challenge may be
issued.
•
display_name—A string that is displayed in the Web browser when credentials are requested in
place of
realm_name.
Discussion
The
authenticate( ) property may result in the following exceptions, testable with the
exception.id= trigger in an <Exception> layer.
•
authentication_failed—The offered credentials were not valid in this authentication realm.
•
authentication_failed_password_expired—Authentication failed due to password expiry.
•
configuration_error—Authentication failed due to a realm configuration error.
Layer and Transaction Notes
•Use in
<Proxy> and <Admin> layers.
• Applies to proxy and administrator transactions.
Example
; Require authentication for internet access.
<proxy>