[SQU] Authentication to Hotmail, Yahoo Mail, etc

Henrik,

Before I am lost too far to isolate the problem, here my new discovery of
symptom. I found a new interesting progress of my problem.

As I inform you that problem (looping to ask username and password) in my
transparent proxy. Below is the (header) address of result pages, if I run
in transparent mode (with unsuccessful result).

http://lc5.law5.hotmail.passport.com/cgi-bin/login?_lang=EN&rru=%2fcgi%2dbin
%2fHoTMaiL&reason=wrongdomain

If I type in the proxy address into my browser (IE 5.5). EITHER I put the
address and port to all fields (HTTP, FTP, SSL, etc) or in HTTP field only.
I successfully LOGIN to HOTMAIL. Below the (header) of address of successful
LOGIN.

http://pv1fd.pav1.hotmail.msn.com/cgi-bin/HoTMaiL?n=14230&fti=yes

I already type "hierarchy_stoplist hotmail.com" into my squid.conf. Someone
tell me that I should check my ACL. However, I use the squid default of ACL.
I just change "http_access deny all" to be http_access allow all". I know
that my change is not good for security reason.

Can you tell me the possibility of problem source?

Thx

Best Regards,

Awie
awie@eksadata.com
PT. EKSADATA INTISOLUSI
Phone : (62-361) 261514
Mobile1 : (62-82) 3610369
Mobile2 : (62-818) 346241
----- Original Message -----
From: "Henrik Nordstrom" <hno@hem.passagen.se>
To: "Awie" <awie@eksadata.com>
Cc: <squid-users@ircache.net>
Sent: Tuesday, October 17, 2000 5:56 PM
Subject: Re: Authentication

> Awie wrote:
>
> > John Saunders told me that most of WEB (the require authentication) need
> > same IP. I must forward the SSL packet to Squid as well as HTTP. His
> > suggestion is very logical. However, when I tried to do it by adding the
> > command into my Cisco IOS. My browser goes "freeze" until it reach the
> > timeout and displaying error message.
>
> This is true for quite many services where authentication is performed
> using cookies.
>
> What most people recommend it to use masquerading/source NAT to have the
> client address rewritten to that of the proxy.
>
> Theoretically it should also be possible to use a TCP proxy capable of
> running as a transparent proxy. I think there is patches to plug-gw from
> TIS FWTK for this...
>
> > Again.....if I run non-transparent mode (I put same proxy address and
port
> > in my browser for all protocols; HTTP, FTP, SSL, etc), it runs very
well. I
> > assume that in my non-transparent proxy, all requests (FTP, HTTP, SSL)
is
> > forwarded to Squid. Am I right?
>
> Your browser does what you tell it... so yes.
>
> > I posted this problem to Squid's user mailing list and send mail to
several
> > people that seems expert (including you). Unfortunately, so far I still
get
> > no solution. Because I cannot "isolate" the source of problem, yet.
>
> You quite likely have isolated the source already.
>
> /Henrik
>
> --
> To unsubscribe, see http://www.squid-cache.org/mailing-lists.html

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html