#(config IWA realm_name) server-authentication { none | origin | proxy }

Enables/disables the forwarding of BASIC credentials of the authenticated user to the origin content server or for proxy authentication. Flush the entries for a realm if the server-authentication value is changed to ensure that the server-authentication value is immediately applied.

You can only choose one server-authentication method:

• If set to origin, BASIC credentials are forwarded to an upstream server.
• If set to proxy, BASIC credentials are forwarded to an upstream proxy.
• If set to none, forwarding of BASIC credentials is disabled. 

SGOS 5.5.x Command Line Interface Reference, Page 320

Or

SGOS 5.5.x Content Policy Language Reference, page 360

server.authenticate.basic()

Determines how to authenticate to an upstream server using BASIC credentials. This property controls sending BASIC credentials to an upstream server or proxy for an authenticated user. By default, no credentials will be sent upstream. If origin is selected, then BASIC credentials will be sent upstream using the HTTP Authorization header. If proxy is selected and forwarding is configured, then credentials will be sent upstream using the HTTP Proxy-Authorization header. If the user authenticated to the ProxySG using BASIC credentials, then by default, those credentials will be forwarded upstream. If the user authenticated using NTLM, Kerberos, or a realm that does not use passwords, then by default the username will be forwarded along with an empty password. 

Optionally, the username and password sent upstream can be configured with substitution strings. This command can be found as an action in a Web authentication layer. It is referred to as Send Credentials Upstream.