On the MAC OS X, Always get "Open HTTP connection failed" when to open a webpage with a applet inside use ISA proxy with NTLM

Posted on 2006-04-19
Last Modified: 2008-01-09
I have 4 computers: 3 PC and a Macintosh.
On the first computer, I put a webpage with a simple applet inside and both is in a IIS server.
On the second computer, I install ISA server with NTML mode (only check "Intergrated" on Add/Edit Listener dialog).
On the third computer (a Macintosh computer), I use Safari to access the webpage on the first computer.
On the fourth computer, I use IE to access the webpage on the first computer.

The first and the second computer are installed window 2000 Server.
The third computer is installed MAC OS X 10.4 with jdk 1.5 and Safari 2.0.3
The fourth computer is installed window 2000 pro.

When I use the third computer to access the webpage on the first computer I always get a error messege in Java consonle: class not found ...... open HTTP connection failed. But the webpage is showed without applet.
(this happens with Safari, Firefox and Camino)

But I can use the third access the webpage when I configure ISA server with Basic mode. In additions, I can use the fourth to access the webpage that it does not depend on the mode of ISA.
When I see ISA log file, I see that:
1. With other file types, for example: html, js, gif, jpg, cfm..., at the first the brower tries to use anonymous account to get these files and ISA return a 407 error then the brower uses my accout to get these files and success.
2. But with class file, or jar file (inside applet tag), the brower only uses anonymouse account to get these file and always get 407 error.
++      anonymous      Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/418 (KHTML, like Gecko) Safari/417.9.2      2006-04-19      12:02:22      thesecond      -      thefirst      -      80      -      369      4187      http      GET      http://thefirst/testApplet.html      -      407
++      anonymous      Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/418 (KHTML, like Gecko) Safari/417.9.2      2006-04-19      12:02:35      thesecond      -      thefirst      -      80      -      441      437      http      GET      http://thefirst/testApplet.html      -      407
++      AKNET\bl      Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/418 (KHTML, like Gecko) Safari/417.9.2      2006-04-19      12:02:35      thesecond      -      thefirst      80      -      805      540      http      GET      http://thefirst/testApplet.html      Inet      200
++      AKNET\bl      Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/418 (KHTML, like Gecko) Safari/417.9.2      2006-04-19      12:02:35      thesecond      -      thefirst      80      15      353      4206      http      GET      http://thefirst/favicon.ico      Inet      404
++      anonymous      Mozilla/4.0 (Mac OS X 10.4.6) Java/1.5.0_06      2006-04-19      12:02:38      thesecond      -      thefirst      -      80      -      279      4178      http      GET      http://thefirst/at.jar      -      407
++      anonymous      Mozilla/4.0 (Mac OS X 10.4.6) Java/1.5.0_06      2006-04-19      12:02:38      thesecond      -      thefirst      -      80      -      -      4467      http      GET      http://thefirst/clock.class      -      407
++      anonymous      Mozilla/4.0 (Mac OS X 10.4.6) Java/1.5.0_06      2006-04-19      12:02:38      thesecond      -      thefirst      -      80      -      -      4479      http      GET      http://thefirst/clock/class.class      -      407

Thanks for any help.

Question by:lqmt
    LVL 51

    Expert Comment

    by:Keith Alabaster
    Basic mode uses a username and password set whereas Integrated passes the users own credentials.

    I have to say I have dealt with only a few calls on MAC's with ISA. I have never seen a MAC use Integrated before.....

    Author Comment

    I have found an awser for my question:

    Simply, it mentions " NTLM authentication is supported on Windows platforms only"

    Thanks anyway!!!
    LVL 51

    Expert Comment

    by:Keith Alabaster

    Accepted Solution

    PAQed with points refunded (250)

    Community Support Moderator

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Join & Write a Comment

    Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
    This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now