Access Control Causes Reverse Proxy to Fail

The information in this article applies to:

• Microsoft Proxy Server version 2.0

SYMPTOMS

When Basic or Microsoft Windows NT Server Challenge Response authentications are enabled on the WWW service, and Access Control is selected (enabled) on the Web Proxy service, a reverse proxy to an internal web server will fail.

CAUSE

The Proxy Server tries to validate the Internet user and sends back the Proxy Authentication header that the browser is not designed to recognize. Therefore, the user will be prompted for username and password three times, then access will be denied, regardless of what username the user enters.

RESOLUTION

Use one of the following methods to workaround this problem:

• Disable Access Control for the Web Proxy service.

• Locate the website on the WWW service on the Proxy Server.

STATUS

Microsoft has confirmed this to be a problem in Microsoft Proxy Server version 2.0.

A supported fix is now available, but has not been fully regression-tested and should be applied only to systems experiencing this specific problem. Unless you are severely impacted by this specific problem, Microsoft recommends that you wait for the next Service Pack that contains this fix. Contact Microsoft Technical Support for more information.