Consider the following scenario:
| • | A Web proxy client computer tries to connect to a Web site through a computer that is running Microsoft Internet Security and Acceleration (ISA) Server 2004. |
| • | ISA Server is configured to request integrated Windows authentication from the client computer. |
| • | The client computer uses the HTTP 1.0 protocol to send connection requests to ISA Server. |
In this scenario, the client computer may not be authenticated by ISA Server. Additionally, the client computer is repeatedly prompted to provide credentials or receives authentication error messages.
Note This problem may occur when the client computer tries to connect to either secure (HTTPS) Web pages or non-secure (HTTP) Web pages.
Back to the top
This problem occurs if the client computer does not send connection requests that contain either a "Proxy-Connection: Keep-Alive" header or a "Connection: Keep-Alive" header to ISA Server. If a request that uses the HTTP 1.0 protocol does not contain either a "Proxy-Connection: Keep-Alive" header or a "Connection: Keep-Alive" header, ISA Server closes the connection during the authentication process.
Integrated Windows authentication is a session-based authentication method that requires the whole authentication process to occur over the same connection without any disconnects.
Note This problem typically occurs when you use integrated Windows authentication. This problem may not occur when you use other authentication methods, such as basic proxy authentication.
Back to the top
To resolve this problem, install the hotfix that is described in the following Microsoft Knowledge Base article:
923767 (http://support.microsoft.com/kb/923767/) Description of the ISA Server 2004 hotfix package: August 15, 2006
Back to the top
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
Back to the top
Help and Support
