Forum Discussion
Kevin_Stewart
Aug 25, 2015Employee
You can certainly rewrite an HTTP response header, but I'm curious how this would work if you changed the header value to Xbasic. When a server sends a 401 WWW-Authenticate response, it can send a value of Basic, Negotiate, NTLM, or Digest. These are generally the only "integrated" authentication methods that a browser will understand. In other words, upon receiving an "xbasic" authentication response, a browser is very likely going to simply fail. If, however, you're using the BIG-IP to authenticate to the server in another way, or the BIG-IP is sending the credentials on the user's behalf and you don't want the client to see the 401 response, you could simply drop these responses.