This question is in relation to the "Authenticate Only when user attempts to access a restricted page" check box under Proxy services/Authentication.

Let me put this senario to you and please correct me if I wrong. So I tick the Box and NBM (3.9) will only auth when a request is restricted. So will it request if my only rules are as below

allow all to 'all urls'
block all to 'all urls'

or does the allow need to be restrictive to meet the condition to authenticate ie

allow 'user group' to 'all urls'
block all to 'all urls'

I guess what Im asking is what condition needs to be met to force authentication ?