Re: [SQU] repeated credential prompts with NTLM

ok, http://www.ideal.net.au/~collinsdial/squidntlm20010103.tar.bz2 is the magic location. It's a fully checked out source tree of
the ntlm branch on squid.sourceforge.net I don't know how stable it is (I only put the recent structural changes into the ntlm code
today). It works for me, but YMMV.

Note: the squid.conf format for authentication parameters has changed. READ squid.conf.default under auth_parm. Your existing config
file can be easily changed to match

authenticate_program ...
becomes
auth_param basic program ...
authenticate_program_ntlm ...
becomes
auth_param ntlm program ...

note that you will want the ntlm parameters before the basic ones (to work around MSIE's brokeness).

Rob

----- Original Message -----
From: "Craig Fels" <csfels@swbell.net>
To: "Robert Collins" <robert.collins@itdomain.com.au>; "Squid-Users@Ircache.Net" <squid-users@ircache.net>
Sent: Wednesday, January 03, 2001 11:18 AM
Subject: Re: [SQU] repeated credential prompts with NTLM

> Rob,
>
> Thanks. As far as allowing SSH....I'm working on it. The firewall is a
> little outside my boundaries, so it _may_ not be possible, but I'll try.
>
> Thanks again. I'll be looking for that snapshot at the end of the week.
>
> Craig
> ----- Original Message -----
> From: Robert Collins <robert.collins@itdomain.com.au>
> To: Craig Fels <csfels@swbell.net>; Squid-Users@Ircache.Net
> <squid-users@ircache.net>
> Sent: Tuesday, January 02, 2001 4:42 PM
> Subject: Re: [SQU] repeated credential prompts with NTLM
>
>
> > I'll generate a snapshot for you later this week. My .2c worth: allow SSH
> through the firewall.
> >
> > Rob
> > ----- Original Message -----
> > From: "Craig Fels" <csfels@swbell.net>
> > To: "Robert Collins" <robert.collins@itdomain.com.au>;
> "Squid-Users@Ircache.Net" <squid-users@ircache.net>
> > Sent: Wednesday, January 03, 2001 9:16 AM
> > Subject: Re: [SQU] repeated credential prompts with NTLM
> >
> >
> > > Robert,
> > >
> > > I'll take a look at the logs and read the FAQ on using cachemgr. I hate
> to
> > > admit this, but I've never used it.
> > >
> > > As far as the CVS tree, I'm the guy with the locked down firewall. I
> can't
> > > connect to the CVS server. Any chance you are still thinking of setting
> up
> > > a nightly snapshot? Pretty Please? ;-)
> > >
> > > Thanks again!
> > > Craig
> > >
> > > ----- Original Message -----
> > > From: "Robert Collins" <robert.collins@itdomain.com.au>
> > > To: "Craig Fels" <csfels@swbell.net>; "Squid-Users@Ircache.Net"
> > > <squid-users@ircache.net>
> > > Sent: Tuesday, January 02, 2001 4:12 PM
> > > Subject: Re: [SQU] repeated credential prompts with NTLM
> > >
> > >
> > > > Hi Craig,
> > > > What date did you last download the CVS branch and update? I'm
> running
> > > with a windows 2000 DC without any erroneous error
> > > > prompts. (Don't download the CVS tree and update just yet, We're
> putting
> > > the finishing touches on another round of changes :-]).
> > > >
> > > > Hold on to the end of this week and then we should have the code
> stable
> > > again...
> > > >
> > > > In the meantime,
> > > > debugging logs are the only things that can help up us. Squid will
> tell
> > > you why it reported the error. Also you can look and see if
> > > > you have hung helpers (which often indicate a failed DC connection)
> using
> > > the cachemgr.
> > > >
> > > > Rob
> > > >
> > > >
> > > > ----- Original Message -----
> > > > From: "Craig Fels" <csfels@swbell.net>
> > > > To: "Squid-Users@Ircache.Net" <squid-users@ircache.net>
> > > > Sent: Wednesday, January 03, 2001 8:28 AM
> > > > Subject: [SQU] repeated credential prompts with NTLM
> > > >
> > > >
> > > > > Today I was browsing various websites and became irritated with
> repeated
> > > > > prompts by IE5.01 for my username, password, and domain.
> > > > >
> > > > > As some of you may remember, I'm running Squid 2.4.Devel-4-NTLM and
> its
> > > > > running on a Linux Mandrake 7.0 box. The machine is a Pentium
> 3-550Mhz
> > > with
> > > > > 256MB RAM.
> > > > >
> > > > > Right now, since the box is in testing mode with the NTLM code, only
> 3
> > > or so
> > > > > people are using it. So by no means is the box getting overworked.
> > > > >
> > > > > I am going to have a hard time getting management to buy-into using
> this
> > > > > proxy site-wide if the NTLM code keeps acting up.
> > > > >
> > > > > Here's a summary of the issue:
> > > > >
> > > > > Start IE 5.01.
> > > > > Browse for a few minutes without problem.
> > > > > Then, logon prompt appears (typical username/password/domain). If I
> > > enter
> > > > > my credentials, sometimes that's enough, and it keeps going. Other
> > > times,
> > > > > it prompts me 3 times in a row, then I get my "Denied" custom ERR
> page
> > > that
> > > > > I created.
> > > > > I click "BACK" on the browser, then click the same link I was trying
> to
> > > go
> > > > > to before, and all is well.
> > > > >
> > > > > Squid.conf entries for the ntlm helper are the defaults. BTW, I am
> > > using
> > > > > ntlm_auth for the helper.
> > > > >
> > > > > Anyone (read Robert/Kinkie) ;-) have any ideas?
> > > > >
> > > > > Thanks,
> > > > > Craig
> > > > >
> > > > > --
> > > > > To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
> > > > >
> > > > >
> > > >
> > >
> > > --
> > > To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
> > >
> > >
> >
> > --
> > To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
> >
>
>

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html