RE: [squid-users] Web Site Authentication

From: Chris Robertson <crobertson@dont-contact.us>
Date: Tue, 2 Aug 2005 10:40:54 -0800

> -----Original Message-----
> From: Mace.Scott@tatravelcenters.com
> [mailto:Mace.Scott@tatravelcenters.com]
> Sent: Tuesday, August 02, 2005 10:03 AM
> To: squid-users@squid-cache.org
> Subject: Re: [squid-users] Web Site Authentication
>
>
> Mace.Scott@tatravelcenters.com wrote on 08/02/2005 08:35:14 AM:
>
>> Mace.Scott@tatravelcenters.com wrote on 08/01/2005 02:54:42 PM:
>>
>> > Having a problem with certain sites that require authentication.
> Instead
>>
>> > of the window popping up with the fields to populate username and
>> > password, the url goes directly to a failed authentication page. I'm
>
>> > using Squid 2.5.STABLE3 with the x_forwarded_for,
> follow_x_forwarded_for
>>
>> > patch. I've looked through the archives, and can't seem to find
>> anything
>> > relevant.
>> >
>> > Is it not processing the WWW-Authenticate header properly? Thanks for
>
>> any
>> >
>> > assistance.
>> >
>> >
>
> OK, it looks like I'm making some progress in at least identifying where
> the error is.
>
> Apparently the site is returning WWW-Authenticate: NTLM headers and squid
> is not passing it on to the client.
> I looked through bugzilla, and it looks like all the bugs related to NTLM
> are for clients authenticating to squid, not to external web sites. What
> am I missing? Are the developers monitoring this list?
>
> I ran squid -k debug, and here is some output of that:

Cut for bevity. Here's a thread that should put some light on the subject:
http://www.squid-cache.org/mail-archive/squid-users/200406/0542.html

Choice quotes:
"NTLM authentication cannot be used with web proxy by Microsoft design."

and

"In Squid 2.5 there is a code section that blocks NTLM web authentication and get to you an authentication failure."

Chris
Received on Tue Aug 02 2005 - 12:41:00 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Sep 01 2005 - 12:00:01 MDT