Why is the ProxySG not serving the Notify User page when I have the default policy set to Deny?


<< Back to Knowledge Search

Solution

Overview

 The Notify User action object does not modify the Allow or Deny states; therefore, it requires that the request hit an allow rule before the user is served with the notify user page.

 
Without an Allow Policy:
 
start transaction -------------------
  CPL Evaluation Trace: transaction ID=7504
           <Proxy>  condition=!__is_notify_internal 
    MATCH:     trace.request(yes) trace.rules(all) trace.destination(1234) 
           <Proxy "handle HTML Notification internal requests">
           [Rule]  url=http://notify.bluecoat.com/ 
    miss :     url=http://notify.bluecoat.com/
           [Rule]
    miss :     url=http://notify.bluecoat.com/
           [Rule]
    miss :     url=/notified-NotifyUser1?
    miss :     url=/verify-NotifyUser1?
    miss :     url=/verify-NotifyUser1?
           [Rule]
    MATCH:     action.__delete_notify_cookies(yes) 
           <Cache "suppress DRTR for HTML Notification internal URLs">
    miss :     condition=__is_notify_internal
  connection: service.name=Explicit HTTP client.address=10.105.0.128 proxy.port=8080
  time: 2011-01-11 03:43:53 UTC
  GET http://www.google.com.my/
Cookie: PREF=ID=ff75e69b4f124e6c:U=7c97850933b01c6b:FF=0:TM=1293123577:LM=1293123577:S=ogNAFri8QKBYVybb
Cookie: NID=42=BDB00PAAz_RoT4NoNU2c4R5I_DIi68lTxZ7WUDdpzUsYNGW425YlMWb72BXODBxXHQYTKZY7Asei6nQY4cBRowwM7X5GS5c6HVVyI2fpdUxFFbv-V9mtrdhIlX0NtMsJ
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 ( .NET CLR 3.5.30729)
  user: unauthenticated
  DENIED: Default secure policy mode           <----------------- Hitting the default DENY Policy
  DSCP client outbound: 65
  DSCP server outbound: 65
 
stop transaction --------------------
 
With an ALLOW policy:
 
start transaction -------------------
  CPL Evaluation Trace: transaction ID=7545
           <Proxy>  condition=!__is_notify_internal 
    MATCH:     ALLOW policy.NotifyUser1           <----------------- Hitting ALLOW Policy
           <Proxy>  condition=!__is_notify_internal 
    MATCH:     trace.request(yes) trace.rules(all) trace.destination(1234) 
           <Proxy "handle HTML Notification internal requests">
           [Rule]  url=http://notify.bluecoat.com/ 
    miss :     url=http://notify.bluecoat.com/
           [Rule]
    miss :     url=http://notify.bluecoat.com/
           [Rule]
    miss :     url=/notified-NotifyUser1?
    miss :     url=/verify-NotifyUser1?
    miss :     url=/verify-NotifyUser1?
           [Rule]
    MATCH:     action.__delete_notify_cookies(yes) 
           <Cache "suppress DRTR for HTML Notification internal URLs">
    miss :     condition=__is_notify_internal
  Called policy definition: NotifyUser1
           <Proxy>
    MATCH:     condition=__NotifyUser1_should_notify action.__NotifyUser1_check_notify(yes) 
  connection: service.name=Explicit HTTP client.address=10.105.0.128 proxy.port=8080
  time: 2011-01-11 03:45:26 UTC
  GET http://www.google.com.my/
Cookie: PREF=ID=ff75e69b4f124e6c:U=7c97850933b01c6b:FF=0:TM=1293123577:LM=1293123577:S=ogNAFri8QKBYVybb
Cookie: NID=42=BDB00PAAz_RoT4NoNU2c4R5I_DIi68lTxZ7WUDdpzUsYNGW425YlMWb72BXODBxXHQYTKZY7Asei6nQY4cBRowwM7X5GS5c6HVVyI2fpdUxFFbv-V9mtrdhIlX0NtMsJ
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 ( .NET CLR 3.5.30729)
  user: unauthenticated
  REDIRECT(policy_redirect)
  redirect location=http://notify.bluecoat.com/notify-NotifyUser1?http/www.google.com.my/aHR0cDovL3d3dy5nb29nbGUuY29tLm15Lw== (302) <----------------- Redirected to Notify User Page
 
  DSCP client outbound: 65
  DSCP server outbound: 65
 
stop transaction --------------------
 
 
Cause
Resolution
Workaround
Additional Information
Bug Number
InQuira Doc IdFAQ1223
Attachment

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      ProxySG 200, ProxySG 210, ProxySG 300, ProxySG 510, ProxySG 600, ProxySG 810, ProxySG 8100, ProxySG 9000
Topic      Policy Management
Article Number      000016653
Summary     
Was this helpful?
Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat