Hi Tom, Thanks for all the help. My intent certainly is not to bypass any authentication checks. Its just that the my client is a large company and they will take some time to get the direct access changes to be approved by their security hierarchy. Till then, for the testing phase of the application, i will ask them to work by configuring the app as a firewall client. On another note, i think the "security" of the network is mainly the domain of the firewall. i guess the basic purpose of the username authentication required in a proxy is for logging (whose accessing what) and not really blocking unauthorized use of the outbound HTTP. Would like to hear your comments on this. regards rajeev