> I have heard that the Netscape Proxy Server provides Proxy Authentication
> using Code 407. Is there anybody knows how it works?
Much like simple WWW authentication. If the proxy returns, instead of a
HTTP/1.0 407 Unauthorized
Proxy-Authenticate: Basic realm="foo"
then a popup is displayed, asking for username/passwd. What is entered by the
user is uuencoded and sent back to the proxy, using Proxy-authorization header.
User-Agent: Mozilla/1.1N (X11; I; SunOS 4.1.4 sun4m)
Proxy-authorization: Basic amN0OmJhcg==
Of course, you could already do that with a CERN proxy using Protect
directive (this thread was discussed here recently). What's interesting here
is that it doesn't prevent you from accessing Web sites where pages are
> Can it really prohibit unauthorized internal users to use internet
> services using the proxy server?
If users don't now how to snoop connections to the proxy or if you're using a
one-time password scheme, yes. You can send a challenge in the "realm" field.