According to the following link, JRE 1.6.0_14 still does not add
"Proxy-Connection: Keep-Alive" header along a NTLM negotiation when trying
to establish a secure connection (HTTPS). As a result, proxy aborts
negotiation and closes the connection.
http://stackoverflow.com/questions/1326849/java-6-ntlm-proxy-authentication-and-https-has-anyone-got-it-to-work
I've saw two approaches to circumvent the problem: to allow access to a list
of affected sites before any authentication; to allow access to 'acl Java
browser Java/1.[456]' before any authentication.
Could this be an alternative?
acl KEEP-ALIVE req_header Proxy-Connection -i Keep-Alive
http_access allow !KEEP-ALIVE // before any
authentication
(or http_access allow !KEEP-ALIVE CONNECT)
What is the best way?
I'm running Squid 2.7 STABLE7 on Windows.
Thanks.
Received on Mon Dec 21 2009 - 00:45:43 MST
This archive was generated by hypermail 2.2.0 : Mon Dec 21 2009 - 12:00:02 MST