A Web Application resides behind CA Access Gateway (SPS) r12.52 SP1 and is protected with Basic Authentication natively by itself (not by Policy Server).
SPS strips a HTTP header “WWW-Authenticate” from the backend.
As a result, access to the backend application results in HTTP 401 error while the access was working in SPS r12.0 SP3.
CA Access Gateway (SPS) r12.5 or later
Since SPS r12.5 there is an additional parameter :
(1) For authenticated backed connections which require pass through the setting is:
The addition of : connection-auth="yes" will transfer the WWW-Authenticate header to the client and it will then work as expected.
(2) As for regular expression rule, the XML Schema shows that the element nete:result may have the attribute. (See <secure-proxy>\proxy-engine\conf\dtd\proxyrules.dtd)
However, the attribute of: connection-auth="yes" does not work in this case such rule as following:
This is a defect which will be fixed in the future release.