RE: [squid-users] Authentication issue through the proxy

Grrr.. I love sending an email when I don't mean to. I looked a little
further into this after having written the email. Didn't mean to send
it, but I did anyways. Whoops.

Anyways, according to what I've found, it's because I'm using NTLM
through a proxy server.

I have found a solution to take care of it on the web server (which I'm
not sure if they'll like, but I can't do anything today because the guy
who handles it is out sick). So the question then is there anything I
can do through Squid to take care of it? Besides not use wb_ntlmauth?

Thanks again,

Scott Wrosch
desk 248.333.7700 x227
email swrosch@marketingassociates.com

> -----Original Message-----
> From: Scott Wrosch
> Sent: Monday, March 03, 2003 9:07 AM
> To: squid-users@squid-cache.org
> Subject: [squid-users] Authentication issue through the proxy
>
> Good morning!
>
> So I've got everything up and running the way I want it to. Of
course,
> a few more monkey wrenches get tossed in the machine, but that's not a
> problem that I can't handle (I just have to get the ambition to
actually
> take care of it).
>
> But, an issue has arisen. We have an "internal" site that we can't
get
> to through the proxy. It's actually a site we can get to outside of
our
> LAN as well, but we only have issues getting to it from inside the LAN
> when using the proxy.
>
> Here's a snippet of the web page error that I get:
>
> >HTTP 401.2 - Unauthorized: Logon failed due to server configuration
> >Internet Information Services
> >
> >Technical Information (for support personnel)
> >
> >Background:
> >This is usually caused by a server-side script not sending the proper
> WWW->Authenticate header field. Using Active Server Pages scripting
this
> is done >by using the AddHeader method of the Response object to
request
> that the >client use a certain authentication method to access the
> resource.
>
> Now to me, that tells me that the server is set up wrong. But, here's
a
> snippet of the access.log file as well:
>
> 1046700592.012 2 192.1.1.72 TCP_DENIED/407 1799 GET
> http://www.marketingassociates.com/internal - NONE/- text/html
> 1046700592.020 2 192.1.1.72 TCP_DENIED/407 1795 GET
> http://www.marketingassociates.com/internal - NONE/- text/html
> 1046700592.052 30 192.1.1.72 TCP_MISS/401 4630 GET
> http://www.marketingassociates.com/internal ma\swros DIRECT/10.10.0.94
> text/html
>
> To me, everything looks fine. I have no problems accessing any of the
> other "internal" sites (a billing site and the Exchange server).
>
> But, with that being said, I've heard that it's an authentication
issue
> with an MS product. And, from what I've seen on the mailing list,
that
> is indeed the case.
>
> So my question then is there any way around it? Whether it be a
setting
> that I might have to have changed on the server hosting the page, or a
> setting in Squid, it doesn't matter to me.
>
> Thanks in advance!
>
> Scott Wrosch
> desk 248.333.7700 x227
> email swrosch@marketingassociates.com
>
> "Our greatest glory is not in never falling
> but in rising every time we fall." -- Confucius
Received on Mon Mar 03 2003 - 07:16:29 MST