'Password Override' verdict does not work as expected

book

Article ID: 166751

calendar_today

Updated On:

Products

Web Security Service - WSS ProxySG Software - SGOS

Issue/Introduction

The policy rule for the 'Password Override' verdict is being matched but there is another global rule that determines if it is possible to return the password override redirect.

Cause

 Blue Coat uses a 302 redirect to provide the password override form. If the content type in the response is text/html, then it returns a 302. If the content type is application/x-shockwave-flash, then the 302 will not be returned.

Resolution

The requirements for password override to work is that the application must be able to follow redirects and set cookies.