Bypassing ProxySG authentication I have an application that does not work with authentication How do I bypass authentication so that my application works? What are some strategies that can be used to bypass authentication for a workstation or application? How do I use a different authentication scheme?
Sometimes there are applications (custom, in-house applications; specific vendor created applications, file sharing applications, and so forth), services, operating systems, update mechanisms, (all these will be referred to as applications throughout the rest of this document) and so forth that simply do not work with proxy style (HTTP 407) or content server style (HTTP 401) authentication requests. These applications were not designed to deal with authentication. Because these applications were not designed to deal with application, when the proxy prompts the application for authentication requests, the application will fail to function properly. The end result will be a loss of productivity.
Blue Coat realizes that there may be certain applications that do not function properly when authentication is enforced. So there are several strategies that can be used to help alleviate the problem. This solution documents some of the strategies used to work around the problem. This is not an all inclusive document. There may be other ways to work around the problem. This solution documents some of the more common ways to work around authentication issues. If there is a particular solution you would like to add to this document, please feel free to add provide feedback to this KB article with the solution you want added here.
AUTHENTICATION BY IP ADDRESS
There are two options here. You can
Not authenticate specific IP addresses or ranges and everything else will be authenticated.
Authenticate specific IP addresses or ranges and everything else will not be authenticated.
Generally authentication is enabled for all IP addresses and then a few workstations need to bypass authentication. Please see 000008252 for instructions on how to bypass authentication by IP address.
BYPASSING AUTHENTICATION BY USER AGENT
Many applications that use the web have a user agent. If a particular application is having problems authenticating and that application has a unique user agent, please see 000010128 for instructions on how to bypass authentication for a specific user agent.
USING A DIFFERENT AUTHENTICATION MODE
Sometimes one protocol, such as HTTP, works just fine with a particular authentication mode. But other protocols, such as FTP, do not work reliably with the same authentication mode as HTTP. So it may be necessary to change the authentication mode in order for the application to work. Please see 000014404 for instructions on how to create a rule using the same authentication realm, but just a different authentication mode.
BYPASSING AUTHENTICATION BY DESTINATION URL
Sometimes a particular URL may be particularly troublesome. A common example is when IWA authentication is used and the URL is a remote Microsoft Exchange server in a different domain than the local domain, and no trust relationship exists between the two domains. In this kind of a scenario, bypassing authentication to that remote webmail server may be the solution. Please see 000008250 for instructions on how to bypass authentication based on URL.
Imported Document ID: 000008272
Subscribing will provide email updates when this Article is updated. Login is required.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
Subscribed to the Article.
Unable to subscribe
Thanks for your additional feedback !!!
Enterprise Support Virtual Agent
Rate Me :
Tell us more:
Welcome! My name is Sami, the Enterprise Support Virtual Agent answering technical support questions.