[squid-users] Antwort: [squid-users] Chain NTLM Auth on Squid and on Apache web server

From: <Horst.Mundt@dont-contact.us>
Date: Mon, 17 May 2004 10:25:26 +0200


You cannot use NTLM-authentication through squid.
See http://www.squid-cache.org/Doc/FAQ/FAQ-11.html#ss11.14



                                                                                                                             
                    "CHARREAU Anthony"
                    <anthony.Charreau@region- An: <squid-users@squid-cache.org>
                    alsace.fr> Kopie:
                                                    Thema: [squid-users] Chain NTLM Auth on Squid and on Apache web server
                    17.05.2004 10:18
                                                                                                                             
                                                                                                                             




Hi everybody,

I have got a problem with Squid NTLM feature and it is a bit strange, be
advise :-)

I am setting a proxy / cache platform based on squid with NTLM auth
feature.
This platform includes an Apache web server to show access statistics to
users.

The problem occurred when I try to gain access to my Apache stats page
through Squid.
If I try to see a Internet or Intranet website without NTLM auth through
Squid, who always auth users with NTLM, it works fine.
If I try to go to my stats page directly (including proxy bypassing), it
works fine too.

So, Apache alone works fine, squid alone works fine, but when I try to
chain both, it fails.
I done a network packet capture, and I have seen that the error page that
client browser shows contains exactly the same headers (with ntlm auth
required tag) as the page that apache returns when I bypass the proxy.

So, it seems that client doesn't answer to the ntlm auth required when I
pass through squid and simply shows the error page.

Have you got any idea to solve this strange problem ?
Thanks in advance.

                        ////
                       (@ @)
-----------------oOO----(_)----OOo-----------------

Anthony CHARREAU
Région Alsace - Computer Science Dept.

---------------------------------------------------






Disclaimer

Diese E-Mail kann vertrauliche und/oder rechtlich geschützte Informationen
enthalten. Wenn Sie nicht der beabsichtigte Empfänger sind oder diese E-Mail
irrtümlich erhalten haben, informieren Sie bitte sofort den Absender tele-
fonisch oder per E-Mail und löschen Sie diese E-Mail aus Ihrem System. Das
unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht
gestattet. Wir haften nicht für die Unversehrtheit von E-Mails, nachdem sie
unseren Einflussbereich verlassen haben.

This e-mail may contain confidential and/or privileged information. If you
are not the intended recipient (or have received this e-mail in error) please
notify the sender immediately by call or e-mail and destroy this e-mail. Any
unauthorised copying, disclosure or distribution of the material in this
e-mail is strictly forbidden. We are not responsible for the integrity of
e-mails after they have left our sphere of control.


Received on Mon May 17 2004 - 02:25:31 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Jun 01 2004 - 12:00:01 MDT