On Wed, 4 May 2005, Aaron P. Martinez wrote:
> I read through the documentation and saw that there are some sites that
> are better set to DIRECT because they don't play well with caching. I'm
> wondering if there is any kind of compiled list for these just so that i
> can thwart any unnecessary user calls before they occur.
Usually these kinds of sites is pretty user specific so it is hard to make
a global list.
Frequency is rather low so it is not something you should need to worry
about in terms of number of calls.
The most frequent problem is sites using Microsoft Integrated Login over
plain HTTP. This does not work well via proxies due to design error in the
Microsoft Integrated Login authentication scheme(s).
There is three solutions
a) Convince the site operator to also enable "plain text" authentication
which follows the standards..
b) Convince the site operator that it is better to use https for
sensitive information requiring authentication..
c) Configure the clients to bypass the proxy for these sites, once
discovered.
To make 'c' easy you should make sure from start that the clients is
configured using a PAC script rather than manual proxy server settings.
Regards
Henrik
Received on Mon May 16 2005 - 15:17:18 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Jun 01 2005 - 12:00:03 MDT