Force refresh (CTRL+f5) in Firefox results in authentication popup

<< Back to Knowledge Search



In Firefox, a force refresh (CTRL+f5) results in an authentication pop up box, see below, even if IWA authentication has been configured.

This issue is not present if the browser in use is Internet Explorer.

From a packet capture, as soon as you send a force refresh command,  you can see that:

In Firefox:

While in Internet Explorer:




The issue is due to the way Internet Explorer interprets the response headers sent from the web server. Internet Explorer (by design, see Microsoft article 937479), will delete the file from the local browser cache before the user can even open it, if the response headers sent from the web server contain the following headers:

  • Pragma=No Cache
  • Cache-Control=No Cache
so, authentication with Internet Explorer just works fine when a force refresh (CTRL+f5) is sent.
Both browser are sending NTLM credentials in the same packets (see boxes coloured in purple, in the print screen above). So the reason is a design choice of the Microsoft Corporation, not Blue Coat Technologies, Inc.
The Proxy cannot change this specific browser behaviour. 
In order to bypass this problem, you can create a new authentication rule to intercept FIREFOX User-Agent and use “Proxy-IP” authentication mode.
For a detailed explanation about authentication mode, please refer to KB2877 or, alternatively:
  1. Change the Firefox settings disabling the "security.enable_tls_session_tickets", in about:config: ; as described by

  2. Insert the URIs with which to automatically authenticate via NTLM (Windows domain logon) into "network.automatic-ntlm-auth.trusted-uris" in about:config: ; as described by and

    Check the URI you configured into Configuration->Authentication->IWA->IWA General->Virtual URL. Default value is


This solution might affect general behavior for your Firefox browser, for that BlueCoat cannot be considered responsible. For more details please refer to Mozilla technical support.

Additional Information
Bug Number
InQuira Doc IdKB4921

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      ProxySG
Software      SGOS 4, SGOS 5, SGOS 6
Topic      Authentication
Article Number      000009489
Was this helpful?
Previous MonthNext Month