Of all the Security Servers in FireWall-1, the HTTP Security Server is used most often. Because the HTTP Security Server can be used with both CVP and UFP, I will cover how to set up both types of Content Security.
The HTTP Security Server is enabled when the following situations are true.
There is a line that permits in.ahttpd to start up in $FWDIR/conf/fwauthd.conf. This is normally present by default.
A resource is used in your security policy or in a rule that involves User Authentication for HTTP.
Refer to Chapter 8 for information on authentication. Defining resources is first discussed in the Filtering HTTP without a UFP or CVP Server subsection. The proper line for the HTTP Security Server in $FWDIR/conf/fwauthd.conf ...