Most popular web browsers can support one of the Authentication Server methods. However, some clients that use ports 80 and 443 as a communication channel for non-HTTP compliant traffic and some java applets, cannot authenticate to the Authentication Server at all, others cannot do it transparently. Exceptions can usually be made for these applications by some combination of bypassing (6.x) or rule criteria (7.x) based on destination, user agent, or source.
I would like to compile a list of applications that needs to bypass authentication in web gateway so as to help come up with some form of "need to bypass" applications to save all of us future headaches when troubleshooting deployment issues.
Let me start:
* Outlook Preview Pane with Image display.
* many Java Applications that communicate independently of the browser's behaviour.
* many browser plugins and activeX controls that communicate independently of the browser.
Basically, anything that is NOT a browser.
Oh, and almost anything that is not a Windows browser, (i.e. Mac/*nix)
IMHO, explicit proxy is always a better way to go.Message was edited by: Erik Elsasser on 12/1/10 12:06:23 PM CST