On Thu, 6 Nov 2003, Phil Smith wrote: > "The application and the JRE may not be able to intercept all types of > authentication with proxies. If your proxy environment is configured to > require either NT Challenge-Response or Basic Authentication, the > application may not properly connect through your proxy. In this case, you > may need to set your proxy to allow anonymous connections through the > proxy."
Funny application.. The above can be reprased as "This application does not support proxy authentication. If your proxy normally requires authentication it must be reconfigured to allow the application anonymous access via the proxy". I do not know of any JRE which does not support Basic proxy authentication, but if this Java application is running it's own HTTP libraries or if it is a standalone application (not running as an applet within the browser) then it is understandable that the application developers may not had time to add support for authentication. In any case, all you need to do is to decide on what it should be decided that it is this application. The two acl types you have for this is src for matching the stations where this application may be running dst for matching the destinations the application may be requesting then add a http_access rule before your rule for requiring authentiction, giving the application access. Regards Henrik
