Brandis Jaroslav wrote:
> Store ntlm username from headers to log files, but when user is not
> using ntlm aware browser or software, user can use proxy without
> limitations. I try to define acl like auth required -> allow
> authenticated -> allow all , but no ntlm usernames was in log files. Can
> somebody help me with this ?
Unfortunately not easily done.
Squid has no good way of knowing if the browser supports NTLM or not before
asking for it, and by asking for it it will trigger a login box even in
browsers not supporting NTLM, or if the browser works correctly, cause the
user to see the "authentication required" error message.
What you maybe can do as an approximation is to use the browser acl type to
only require authentication from MSIE browsers.
Regards
Henrik
Received on Mon Sep 09 2002 - 12:23:00 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:10 MST