> >> in the first case (HTTP and GET) the client (javaws) sends a >> "Keep-alive: 300, Connection: keep-alive", in the second >case (HTTPS and >> CONNECT) no keep-alive is sent and so the NTLM-Auth failes. > >keep-alive is needed for NTLM. Without keep-alive only Basic or Digest >can be used. > one more question: in squid.conf i can set "keep_alive off" (also for ntlm_auth). if keep-alive is a must for NTLM challenge response, then what "keep_alive off" means? that would contractict the "must"...??? markus
