Re: [squid-users] Authentication issue through the proxy

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Mon, 3 Mar 2003 22:39:22 +0100

On Monday 03 March 2003 20.03, Scott Wrosch wrote:

> > This does not mean that you cannot use Microsoft Integrated Login
> > to the proxy and plain Basic authentication to the web server.
>
> Oh? Please, do tell. I'm assuming it's done via an ACL, but I was
> looking through the squid.conf, and didn't see any option that
> stuck out for configuring it like that.

What I was trying to say was that you can use Microsoft Intergrated
Login (NTLM) as proxy authentication while at the same time using
Basic authentication to the web server.

> I'm assuming that patch was incorporated into everything above
> 2.5-STABLE1, correct? (IE the daily snapshots.) If so, I'm
> running 2.5.STABLE1-20030225. I tried applying it, and it said
> that it had already been applied, so I'm figuring that's the case.

The patch was included in the daily snapshots the day it appeared on
the patches page (or shortly before). This is also true for all other
patches found on that page..

The best action is to have the web server reconfigured to also allow
"Plain text" authentication (which is good old standard Basic HTTP
authentication). This will allow the web site to be used via proxies
or with other web browsers than MSIE such as Netscape / Mozilla /
Opera / whatever..

But even if that is not possible all hope is not lost. There exists a
third-party proxy which can act as a Basic->NTLM authentication
gateway. See 'NTLM Authorization Proxy Server'
http://freshmeat.net/projects/ntlmaps/. <

Regards
Henrik
Received on Mon Mar 03 2003 - 14:37:03 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:54 MST