Using Java with Squid Proxy and Authentication

How to allow Java to Update?

By default, installation of Web Safety prohibit downloading of executable files. In this case, you might get the following error when running Java updates:

../../../_images/java_error403.png 
---------------------------
Error - Java Update
---------------------------
There was an error downloading Java to your machine.
There may be proxy, firewall, or other network issues causing an HTTP Error 403.
Please refer to http://java.com/error403
---------------------------
OK
---------------------------

To workaround this problem, exclude .oracle.com both from HTTPS decryption and ICAP filtering.

How to bypass proxy authentication for Java applets?

Sometimes Java applications do not work correctly with proxy authentication. If you need to completely bypass proxy authentication for any Java applet, allow requests with User Agent set to typical Java value to go directly to web by adding the following string to UI / Squid / Exclusions / Other / User Agent.

Java/1.4 Java/1.5 Java/1.6  Java/1.7  Java/1.8  Java/1.9

After clicking Save and Restart from Web UI, your generated squid.conf will contain the following (before the acl auth proxy_auth REQUIRED statement):

# bypass proxy authentication for a User Agent of Java app
acl Java browser Java/1.4 Java/1.5 Java/1.6  Java/1.7  Java/1.8  Java/1.9
http_access allow Java

Please note the User Agent string can be easily forged so this method is not recommended.