Hi All,
Please bear with me,
I have been successfully using squid2.5 as an (http) reverse proxy for
the last couple of years. One application is Domino Web Access, which
required a user to then POST login credentials to Domino. The other was
is an asp website, that requires integrated windows authentication.
These reverse proxies used winbindd to initially authenticate users off
an NT4 password server, then pass to these apps. The asp application was
displayed immediately, as I presume IE used the same credential as the
initial squid authentication, to then pass onto the app.
After upgrading to Squid 3.0-PRE3 and SSL, I have been having problems
with the ASP application proxy. The Domino Web App proxy is working very
well.
The two config files are very similar, differing only on the cache_peer
and http_port (for crt info) lines. The symptoms of the ASP issue are,
that after I authenticate successfully to squid/winbindd, I am prompted
with the old three field NTLM Ruth box. Username, password and domain box.
Auth is using winbindd below:
## Set up auth_param. Src was built with --enable-auth="basic"
auth_param basic program /usr/local/samba/bin/ntlm_auth \
--helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm UCM Secure Domino Web Access
auth_param basic credentialsttl 2 hours
Any ideas, really stuck with this one? Unfortunately I have no control
over the asp application, and it does require Integrated
authentication.. Squid logs seem to be normal.
Andrew
-- Andrew McKinneyReceived on Wed Mar 02 2005 - 07:19:48 MST
This archive was generated by hypermail pre-2.1.9 : Fri Apr 01 2005 - 12:00:01 MST