Is there any way to influence the order in which Squid sends the Proxy-Authenticate headers to the client? I already tried changing the order in the config file to no avail. Background: I have a squid 3.3.3 proxy using both kerberos and radius. A capture shows it offers both Basic and Negotiate authentication schemes, in separate headers and in that order. IE seems to try Negotiate first and Basic later, disregarding the order in which the headers appear. Firefox seems to be trying in the same order as the headers appear (I haven't confirmed that changing the order would fix this). The RFC doesn't seem to mention anything about which one should be tried first, so both approaches seem reasonable. I haven't been able to find any configuration option in Firefox to change the order either.
