> >> Try putting this acl
> >>
> >> acl Java browser Java/1.4 Java/1.5 Java/1.6
> >> http_access allow Java
> >>
> >> This worked for me when using NTLauth.
> >
> > Thanks, though I'm not the one in need of a solution
> and I'm not that
> keen
> > to give Java full unauthenticated browsing
> rights.
> >
> > Perhaps Truth Seeker(?) might try that though.
> >
> > Am I to understand that Java is just really bad at
> NTLM auth, so much so
> > that people just whitelist it for unauthenticated
> access?
>
> Yes.
> Personally I recommend adding other ACL such as sources
> which are allowed
> to use Java in this way. To reduce the impact and security
> holes this
> method opens.
>
> Amos
Well Amos, could you please give me an example acl entry to achieve what you said...
