How do I resolve the HTTP 401 response error when ICAP scanning is enabled?

search cancel

How do I resolve the HTTP 401 response error when ICAP scanning is enabled?

book

Article ID: 166166

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

This error is generated when the ProxySG receives the www-authentication header in the response from the OCS (origin content server), and it occurs in the following scenarios:

Ø The ICAP server sends an ICAP error to the ProxySG appliance that has ICAP RESPMOD enabled.

Ø ProxySG is returns the ICAP error 503 (Service not available)

Ø ProxySG is returns the ICAP error: Request could not be handled.

Resolution

To fix the issue where this error is generated because the ProxySG receives the www-authentication header in the response from the OCS (Origin Content Server)

If the response content coming from the ProxySG (HTTP 401 response) is sent to the ICAP server using the response header

“www-authentication with RegEx header. (Please see the figure 1.1 for VPM and CPL)

Figure 1.1

VPM:

CPL

<cache>

response.header.WWW-Authenticate=".*" response.icap_service(test_ICAP,fail_closed) response.icap_service.secure_connection(auto)

Feedback

thumb_up Yes

thumb_down No