> > This looks to me like the ntlm authentication succeeds. So
> I suppose something is wrong with the user syntax !? I did not find
>
> Yep, the first TCP_DENIED sessions are ok, this is a site
> effect of the
> NTLM authentication process.
>
> However, you need to specify user & domain all lower case in the
> squid config. Although case does not matter to windows it
> does to unix.
You are right, but it's actually a bit more complex
NTLM _is_ case-insensitive (BTW: this is what makes NT so
much vulnerable against brute-force password-guessing attacks).
For squid-NTLM, by convention, we decided to lower-case them.
You can have a look at sourceforge's project.
the splay_userauth project handles case-insensitive usernames
cleanly (but it doesn't handle the REQUIRED keyword yet).
-- /kinkie -- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Thu Nov 02 2000 - 10:49:10 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:56:13 MST