How to ensure WSS Agent does not remove http authorization headers?
search cancel

How to ensure WSS Agent does not remove http authorization headers?


Article ID: 200886


Updated On:


Cloud Secure Web Gateway - Cloud SWG


Some websites are using a basic authentication method and when the users are trying to access using a computer with the WSS Agent installed, the authorization header is removed and the authentication process fails.


How can we ensure the header is not removed and the user / service / tool can login to the remote server properly?


WSS Agent and remote sites using basic authentication method.


The WSS Agent operates in a cloud authentication realm and as such we setup the authentication and authorization on the WSS proxySG.

In the process we ensure that authorization headers (a base64 encoded password) are not sent out to the Internet unintentionally.


In a WSS Portal setup, you can add the site to the Authentication bypass and this resolves the issue.

For Management Center customers, you can use a WSS provided condition to add destination url's to the Authentication bypass named "BC_Authentication_exempt_sites".

The definition is used on the WSS managed policy so you don't need anything else, other than adding data to the definition (in a CPL layer or in VPM).

Here is a CPL sample:

define condition BC_Authentication_exempt_sites