Fw: [squid-users] Does Squid 2.5.PRE5 support NTLM WWW authentica tion ?

----- Original Message -----
From: "Jigar Rasalawala" <jrasalawala@fourelle.com>
To: "Oswaldo Gomes" <Oswaldo@bsb.politec.com.br>
Sent: Friday, April 12, 2002 12:03 PM
Subject: Re: [squid-users] Does Squid 2.5.PRE5 support NTLM WWW authentica
tion ?

> hi, guys
>
> Thanks a lot for yr replies. I am successfully able to pass transparent
> request to the Squid Proxy.
> NTLM seems to be working.. Page contains lots of objects like gif, jpeg,
> some java scripts etc.
> When i visit that page, it seems like that, NTLM Web server is asking for
> username, password
> and domain name again and again.
>
> As much as I know about NTLM, once u open browser and send a first request
> to NTLM server,
> it will ask for authentication only onece untill u close browser and start
> new session. here it seems
> like that squid opening new connection with NTLM server for each object.
>
> Any help or hint appriciated..
>
> Thanks
> Jigar
> ----- Original Message -----
> From: "Oswaldo Gomes" <Oswaldo@bsb.politec.com.br>
> To: "'Jigar Rasalawala'" <jrasalawala@fourelle.com>
> Sent: Friday, April 12, 2002 11:34 AM
> Subject: RES: [squid-users] Does Squid 2.5.PRE5 support NTLM WWW
authentica
> tion ?
>
>
>
> You can customize Internet Explorer using IEAK, and put the intranet
servers
> in the exceptions (in the connections tab). With this configuration, your
> browser will not use the proxy server to access the internal servers.
>
> -----Mensagem original-----
> De: Jigar Rasalawala [mailto:jrasalawala@fourelle.com]
> Enviada em: sexta-feira, 12 de abril de 2002 13:49
> Para: Henrik Nordstrom; Van Bossche Koen
> Cc: squid-users@squid-cache.org
> Assunto: Re: [squid-users] Does Squid 2.5.PRE5 support NTLM WWW
> authentica tion ?
>
>
>
> hi guys
>
> Thanks all for yr reply.. here i am talking about WWW web authentication
> through NTLM. In out corporate intranet
> some servers are running NTLM web authentication what i mean when u visit
> page from that web server, it will ask
> for username , password and NT domain name..
>
> Now If i pass a transparnt (any how) request to squid proxy, will it pass
> authenticaiton string to NTLM web server ?
> will it work ?
>
> Thanks
> Jigar
> ----- Original Message -----
> From: "Henrik Nordstrom" <hno@marasystems.com>
> To: "Van Bossche Koen" <Koen.VanBossche@KONE.com>
> Cc: <squid-users@squid-cache.org>
> Sent: Friday, April 12, 2002 4:06 AM
> Subject: Re: [squid-users] Does Squid 2.5.PRE5 support NTLM WWW authentica
> tion ?
>
>
> > Van Bossche Koen wrote:
> >
> > > So it means Squid cannot be used? Aren't there any alternate solutions
> to
> > > handle that?
> >
> > Neither can MS Proxy if your web server requires NTLM authentication.
> >
> > The MS NTLM over HTTP authentication sheme is fundamentally flaved,
> violating
> > important aspects of HTTP. There cannot be a standard HTTP proxy
inbetween
> > the user and the point where authentication is performed.
> >
> > As a result of this, newer versions of MS-IE reportedly won't even
attemtp
> to
> > use MS NTLM authentication to log in to web sites when using a proxy.
> >
> > This said, in theory it is possible to make a HTTP proxy where proxying
of
> > NTLM authentication will work, but only by adding a quite gross hack
> specific
> > for MS NTLM authentication. If there is interest in having this hack
> > developed for Squid then consider sponsoring one of the Squid developers
> to
> > develop the feature/hack.
> >
> > > If the destination web server would use something different like basic
> > > authentication, wouldn't it then work?
> >
> > Ofcourse. Basic HTTP authentication is fully HTTP compliant, and can be
> > proxied by all HTTP proxies.
> >
> > Regards
> > Henrik Nordström
> > Squid Developer
> >
>
>
Received on Fri Apr 12 2002 - 13:16:45 MDT