I'm trying to implement ISA 2004 as a Web cache proxy server (single NIC), using squid (our current web proxy) as an upstream proxy.

When I enable Web Proxy Client Authentication (Integrated) on the ISA server, users are repeatedly prompted to supply credentials for all links on the page before. But when authentication is not enabled on ISA, everything works fine.

How can I achieve a single sign on in this scenerio?