RE: [squid-users] Anonymous Access to one site

From: Phil Smith <PSmith@dont-contact.us>
Date: Thu, 6 Nov 2003 10:05:12 -0500

This is actually the message back from the site

"The application and the JRE may not be able to intercept all types of
authentication with proxies. If your proxy environment is configured to
require either NT Challenge-Response or Basic Authentication, the
application may not properly connect through your proxy. In this case, you
may need to set your proxy to allow anonymous connections through the
proxy."

>-----Original Message-----
>From: Henrik Nordstrom [mailto:hno@squid-cache.org]
>Sent: Thursday, November 06, 2003 9:45 AM
>To: Phil Smith
>Cc: 'squid-users@squid-cache.org'
>Subject: Re: [squid-users] Anonymous Access to one site
>
>
>On Thu, 6 Nov 2003, Phil Smith wrote:
>
>> I am running squid in an NT environment. We use NT
>authentication to grant
>> or deny users access to the web via NT global groups. This
>works great
>> except for one site that apparently uses its own
>authentication and dies on
>> our squid proxy.
>
>Almost certainly this one site is using "Microsoft Integrated Login"
>(NTLM and friends) authentication which can not be proxied.
>This problem
>is not related to you using proxy authentication or not.
>
>The ways around this are
>
>a) To convince the site operators to enable support for the
>standard Basic
>HTTP authentication scheme ("Plain Text" in the IIS configuration).
>
>b) Configure your browsers to not use a proxy for reaching
>this web site.
>
>Microsoft has a number of good KB documents on why "Microsoft
>Integrated
>Login" mechanisms should not be used over the Internet.
>
>Regards
>Henrik
>
Received on Thu Nov 06 2003 - 08:05:15 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:21:09 MST