Hi Henrik,
At 23.22 08/09/2003, Henrik Nordstrom wrote:
>On Monday 08 September 2003 21.30, Serassio Guido wrote:
>
> > I think that some glue on challenge reuse between Squid and helpers
> > is needed:
> >
> > auth_param ntlm max_challenge_reuses
> > auth_param ntlm max_challenge_lifetime
> >
> > are totally non sense with a real NTLMSSP helper.
>
>Correct. These directives only make sense if challenge reuses is
>allowed.
>
> > I'm using 2 helper with one single client, it should not be a "low"
> > helper environment.
>
>2 helpers with a single client is a low helper envionment.
>
>You need 1 helper per concurrent new TCP connection, and all browsers
>I know of opens at least 2 connections, sometimes a lot more..
Ok, now I'm running 5 helpers, but the problem is still here:
After 2 - 3 minutes of web navigation, two consecutive KK to the same
helper, the helper report the fails to squid with BH after the second KK
and the browser pop-ups for authentication.
The client is an IE 6 SP1 on Windows NT 4.
auth_param ntlm max_challenge_reuses is still set to 0
Looking on cachemgr, NTLM authenticator statistics says that only 3 helpers
was used, the remaining 2 are alive and never used.
This seems to me very strange.
Regards
Guido
>Regards
>Henrik
-
========================================================
Guido Serassio
Acme Consulting S.r.l.
Via Gorizia, 69 10136 - Torino - ITALY
Tel. : +39.011.3249426 Fax. : +39.011.3293665
Email: guido.serassio@acmeconsulting.it
WWW: http://www.acmeconsulting.it/
Received on Tue Sep 09 2003 - 03:37:11 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:20:40 MST