There are two issues that need to be solved: configure a proxy and configure the proxy.
Configure a proxy. SharePoint does not know you use a proxy, unless you configure it in the web.config for your web application. You do this by adding the following code:
<system.net><defaultProxy useDefaultCredentials="true"><proxy usesystemdefault="false"
proxyaddress="http://proxy.contoso.com:8080"
bypassonlocal="true" /><bypasslist><add address="*.contoso.com" /></bypasslist></defaultProxy></system.net>
Configure the proxy. Even when SharePoint knows where to find the proxy, there is no way to pass through the NTLM authentication. I believe this should be possible with Kerberos (which in it's nature has the ability to use multiple hops from machine A to B to C). So in the case of NTLM, the proxy should be told to "ease up on SharePoint". In other words: configure the proxy to allow the SharePoint front-ends to connect to (specific sites on) the internet without authentication (based on IP address).
No comments:
Post a Comment