- NG Firewall firmware versions 4.2.x, 5.0.x
- netfence firmware versions 4.2.x
Exempt the java queries from authentication. Create an ACL Entry of the type "browser", with the entries for java, and combine it with an allow "Action" prior to the used authentication "Action".
Attention: If URL-Filter is used and configured for filtering upon groups or users keep in mind that the Java-Applications do not have any authentication information any more. So they will match most time in default-999999 group which blocks all requests.
Big green square: the pagerequest, browser authenticates with MS-CHAP, therefore URL-Filter-configuration 1000 matches (small orange squares).
Big red square: Java-Applet tries, has no authentication and therefore URL-Filter-configuration 999999 matches (small blue squares) - and get blocked.
To allow them create in the 999999 configuration a whiltelist with the sites you want to bypass.
Big green square: the pagerequest, browser authenticates with MS-CHAP, therefore URL-Filter-configuration 1000 matches (small orange squares).
Big red square: Java-Applet tries, has no authentication and therefore URL-Filter-configuration 999999 matches (small blue squares) - this time the site is whitelisted in 999999 configuration and therefore the communication is allowed..