Creating an "Auth Exemption" for specific users, destinations, with or without sources on Symantec Web Security Service (WSS).
Captive Portal or SAML authentication methods, which are redirection-based methods, display a separate window for users to enter their credentials to continue. Some network issues might prevent the client systems from displaying these windows.
The source device (for example, a legacy server) is not compatible with redirection-based authentication.
A web application API call is not compatible with redirection-based authentication.
To mitigate these issues add destinations and sources to be exempted from authorization.
Click Add Auth Exemption. The portal displays the "Create New Auth Exemption Rule".
The first dialog screen, "From Where", provides an option to select a supported source.
All preconfigured entries or lists populate any selection. For example, if clicking Locations select from any location that currently sends traffic to Web Security Service account.
Unified Agents and Mobile Devices are static objects; selecting them means that the exemption applies to all connections from each of those access methods.
(Optional) To quickly exempt a source, create a new entry from this wizard. For example to immediately exempt a new IP address.
Select New > IP/Subnet.
Enter a new address (or import a list from a text file).
From an entry, click the "From Where" link at the top of the dialog to return to the menu. Add other entries if required, then click Next.
On the "To Where" wizard page, select the destination(s) that are exempt from authentication.
Click Finish. This process creates a new Auth Exemption policy rule.
Add an additional rules as needed. When all rules are completed, click Activate.
Verify with all users that their clients are no longer prompted for credentials because of the new policy.
Note: The order of the authentication rules does not make a difference, as it parses all until it hits a rule and enforces it. Any order of the list is based on when it was created first. If the list for aesthetics needs to be reorganized, delete the list and create the rules in the preferred order.
Subscribing will provide email updates when this Article is updated. Login is required.