[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


On the MAC OS X, Always get "Open HTTP connection failed" when to open a webpage with a applet inside use ISA proxy with NTLM

Posted on 2006-04-19
Medium Priority
Last Modified: 2008-01-09
I have 4 computers: 3 PC and a Macintosh.
On the first computer, I put a webpage with a simple applet inside and both is in a IIS server.
On the second computer, I install ISA server with NTML mode (only check "Intergrated" on Add/Edit Listener dialog).
On the third computer (a Macintosh computer), I use Safari to access the webpage on the first computer.
On the fourth computer, I use IE to access the webpage on the first computer.

The first and the second computer are installed window 2000 Server.
The third computer is installed MAC OS X 10.4 with jdk 1.5 and Safari 2.0.3
The fourth computer is installed window 2000 pro.

When I use the third computer to access the webpage on the first computer I always get a error messege in Java consonle: class not found ...... open HTTP connection failed. But the webpage is showed without applet.
(this happens with Safari, Firefox and Camino)

But I can use the third access the webpage when I configure ISA server with Basic mode. In additions, I can use the fourth to access the webpage that it does not depend on the mode of ISA.
When I see ISA log file, I see that:
1. With other file types, for example: html, js, gif, jpg, cfm..., at the first the brower tries to use anonymous account to get these files and ISA return a 407 error then the brower uses my accout to get these files and success.
2. But with class file, or jar file (inside applet tag), the brower only uses anonymouse account to get these file and always get 407 error.
++      anonymous      Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/418 (KHTML, like Gecko) Safari/417.9.2      2006-04-19      12:02:22      thesecond      -      thefirst      -      80      -      369      4187      http      GET      http://thefirst/testApplet.html      -      407
++      anonymous      Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/418 (KHTML, like Gecko) Safari/417.9.2      2006-04-19      12:02:35      thesecond      -      thefirst      -      80      -      441      437      http      GET      http://thefirst/testApplet.html      -      407
++      AKNET\bl      Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/418 (KHTML, like Gecko) Safari/417.9.2      2006-04-19      12:02:35      thesecond      -      thefirst      80      -      805      540      http      GET      http://thefirst/testApplet.html      Inet      200
++      AKNET\bl      Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/418 (KHTML, like Gecko) Safari/417.9.2      2006-04-19      12:02:35      thesecond      -      thefirst      80      15      353      4206      http      GET      http://thefirst/favicon.ico      Inet      404
++      anonymous      Mozilla/4.0 (Mac OS X 10.4.6) Java/1.5.0_06      2006-04-19      12:02:38      thesecond      -      thefirst      -      80      -      279      4178      http      GET      http://thefirst/at.jar      -      407
++      anonymous      Mozilla/4.0 (Mac OS X 10.4.6) Java/1.5.0_06      2006-04-19      12:02:38      thesecond      -      thefirst      -      80      -      -      4467      http      GET      http://thefirst/clock.class      -      407
++      anonymous      Mozilla/4.0 (Mac OS X 10.4.6) Java/1.5.0_06      2006-04-19      12:02:38      thesecond      -      thefirst      -      80      -      -      4479      http      GET      http://thefirst/clock/class.class      -      407

Thanks for any help.

Question by:lqmt
  • 2
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16490497
Basic mode uses a username and password set whereas Integrated passes the users own credentials.

I have to say I have dealt with only a few calls on MAC's with ISA. I have never seen a MAC use Integrated before.....

Author Comment

ID: 16498709
I have found an awser for my question:


Simply, it mentions " NTLM authentication is supported on Windows platforms only"

Thanks anyway!!!
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16500709

Accepted Solution

CetusMOD earned 0 total points
ID: 16688276
PAQed with points refunded (250)

Community Support Moderator

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question