On Thu, 2003-01-09 at 05:53, Peter Smith wrote:
> I have a site that one of our users is unable to authenticate to via
> Squid. Apparently if we open up just port 80 to this site from our
> campus access is fine. It is just through Squid it is failing. Using
> Lynx on an open connection I get the error "Alert!: Invalid header
> 'WWW-Authenticate: NTLM' ".
>
> I've tried both Squid 2.4STABLE6 and Squid 2.5STABLE1. The site I'm
> going to is "http://138.26.196.132/camus_quest/memberinfo.html" . I've
> reviewed the location
> "http://www.squid-cache.org/Doc/FAQ/FAQ-11.html#ss11.14" and it mentions
> that version 2.5 will support NTLM Authentication but it is not working
> with 2.5. Am I missing something?
>
> Any suggestions would be welcome.
That site is running NTLM for authentication. As per the squid FAQ, NTLM
on web servers is not proxiable, because it needs tcp proxying, not http
proxying. (See the article linked to in the MS Knowledge base).
You need to either allow that one site direct access, or explain to them
that what they are doing is not recommended, by anyone.
Rob
-- GPG key available at: <http://users.bigpond.net.au/robertc/keys.txt>.
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:35 MST