Tuesday, March 11, 2008

Firefox, Transparent Proxy and Authentication

Firefox is my browser of choice. But it does not always integrate smoothly into the office environment.

In our environment Internet access is made through a proxy server. We are required to authenticate to the server using our Active Directory credentials before access is granted.

Recently we switched over to a transparent proxy. This has been a good thing as it simplifies configuration, doesn't require changing proxy settings when I carry my laptop home, and pretty much just works automatically.

A few applications don't like authenticating to a proxy server but Firefox does very well. I am prompted for my credentials when I first open Firefox and using the Remember Password feature I usually don't have to enter the credentials but just click OK. But some things just don't work. The Search Suggest drop down causes an authentication dialog to appear (and this dialog doesn't remember my credentials) and theme, extension and automatic updates fail.


Firefox will handle authenticating proxies gracefully when configured to do so. There is no UI for setting this up but the configuration changes are easy to make using about:config. Here is how:

  1. Determine the domain name of your proxy server. You might have to ask your IT department but you can probably glean this information from the authentication dialog.

  2. Open a new tab and enter about:config in the address bar. Type negotiate in the Filter field. The preferences list should be reduced to about 5 items.

  3. Find the network.negotiate-auth.trusted-uris preference. Double click it and enter the proxy server's domain name.

  4. Find the network.negotiate-auth.delegation-uris preference. Double click it and enter the proxy server's domain name here as well.

That should do it. Firefox will automatically use your Windows credentials to authenticate to the proxy server. You should not need to make any changes when connected outside the corporate network.


No comments:

Post a Comment