RE: Java problems.

  • From: <AHendriks@xxxxxx>
  • To: <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 29 Dec 2004 11:45:17 +0100

Normaly behavoir is that all users who have access to the internet needs
to authenticate before they can use the internet, so my default setup
was that alle users from a specific domain group have internet access.

This behavoir happens on a NT workstation, with a XP workstation, the
problem doesn't exist.

The site the users connecting to is a external site, so i'm unable to
change the external site, and when i connect with a xp workstation, i
don't have to authenticate on the external web site, so i think they
don't use NTLM authentication.

Cause of an other problem which i have posted here, i have disabled the
rule for anonymous access to the site, so the problem raised again.

With the proxy 2.0 server which we used before, we have no problems with
the site, so i think it's a configuration problem within ISA 2004.

An other expirence which i had with the migration from proxy to isa, was
that i alway coud make use of the ftp protocol, but when chaning the
settings to the isa server, i was unable to use it, after adding my self
to the domain ftp group (which includes all users with ftp access), i
was able to ftp again.

Arjan

> 99 times out of 10, this is an authentication issue.
> Where does this rule sit in the overall order?
> If you have any authenticated rules before this, your Java 
> app will likely fail.
> As you can see from your rule, allowing anonymous (all users) 
> makes this traffic work.
> Check with your Java runtime authors to see if they have an 
> update that supports Integrated (NTLM) authentication.
> 
> -----Original Message-----
> From: AHendriks@xxxxxx [mailto:AHendriks@xxxxxx]
> Sent: Monday, December 27, 2004 01:25
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Java problems.
> 
> http://www.ISAserver.org
> 
> When a user tries to connect to a site witch uses java, not 
> the whole screen is displays, the user is using Windows NT 
> with IE 5.5, when i try to reach the site everything goes 
> well, i'm using XP with IE 6, i need to turn off pop-ups for the site.
> 
> I have created a rule for the site, so that the site can be 
> reached anonymous, all the other sites needs to be 
> authenticated. When the user tries again, there are no 
> problems with the site, i have wrote the following rule:
> 
> Name          Overheid.nl
> Action        Allow
> Protocols     HTTP/HTTPS
> From          Local,Internal
> To            overheid.nl (domain name set)
> Users         All Users 
> Schedule      Always
> 
> I'm running ISA 2004 as a proxy server only.


Other related posts: