[squid-users] ntlm_auth problem from Anders Larsson on 2005-10-19 (squid-users)

From: Anders Larsson <anders@dont-contact.us>
Date: Wed, 19 Oct 2005 12:01:29 +0200

Hi!

I have ntlm_auth working against 2003 server native mode, kerberos works and
winbind to..

almost every sites works with the auth, but i have some sites that i get a login
screen for it. It seems like it's a java popup... for this specific site
below.

i have 443 as safe_port in acl

any hints how i can fix this? :)

this is from the logs

access.log

1129711741.749 0 citrix01.jll.jllad.se TCP_DENIED/407 467 HEAD http://pnomt.tietoenator.com:443/arsys/apps/shared/client_services.zip - NONE/- text/html
1129711741.750 0 citrix01.jll.jllad.se TCP_DENIED/407 610 HEAD http://pnomt.tietoenator.com:443/arsys/apps/shared/client_services.zip - NONE/- text/html
1129711741.751 0 citrix01.jll.jllad.se TCP_DENIED/407 467 HEAD http://pnomt.tietoenator.com:443/arsys/apps/shared/client_services.zip - NONE/- text

cache.log

[2005/10/19 11:00:54, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(606)
  Got user=[adminanla2] domain=[JLL] workstation=[CITRIX01] len1=24 len2=24
[2005/10/19 11:00:54, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(606)
  Got user=[adminanla2] domain=[JLL] workstation=[CITRIX01] len1=24 len2=24
[2005/10/19 11:00:54, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(606)
  Got user=[adminanla2] domain=[JLL] workstation=[CITRIX01] len1=24 len2=24
[2005/10/19 11:00:54, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(319)
  NTLMSSP Sign/Seal - Initialising with flags:
[2005/10/19 11:00:54, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
  Got NTLMSSP neg_flags=0x20088215
    NTLMSSP_NEGOTIATE_UNICODE
    NTLMSSP_REQUEST_TARGET
    NTLMSSP_NEGOTIATE_SIGN
    NTLMSSP_NEGOTIATE_NTLM
    NTLMSSP_NEGOTIATE_ALWAYS_SIGN
    NTLMSSP_NEGOTIATE_NTLM2
    NTLMSSP_NEGOTIATE_128
[2005/10/19 11:00:54, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(319)
  NTLMSSP Sign/Seal - Initialising with flags:
[2005/10/19 11:00:54, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
  Got NTLMSSP neg_flags=0x20088215
    NTLMSSP_NEGOTIATE_UNICODE
    NTLMSSP_REQUEST_TARGET
    NTLMSSP_NEGOTIATE_SIGN
    NTLMSSP_NEGOTIATE_NTLM
    NTLMSSP_NEGOTIATE_ALWAYS_SIGN
    NTLMSSP_NEGOTIATE_NTLM2
    NTLMSSP_NEGOTIATE_128
[2005/10/19 11:00:54, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(319)
  NTLMSSP Sign/Seal - Initialising with flags:
[2005/10/19 11:00:54, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
  Got NTLMSSP neg_flags=0x20088215
    NTLMSSP_NEGOTIATE_UNICODE
    NTLMSSP_REQUEST_TARGET
    NTLMSSP_NEGOTIATE_SIGN
    NTLMSSP_NEGOTIATE_NTLM
    NTLMSSP_NEGOTIATE_ALWAYS_SIGN
    NTLMSSP_NEGOTIATE_NTLM2
    NTLMSSP_NEGOTIATE_128
[2005/10/19 11:00:55, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
  Got NTLMSSP neg_flags=0xa208b207
    NTLMSSP_NEGOTIATE_UNICODE
    NTLMSSP_NEGOTIATE_OEM
    NTLMSSP_REQUEST_TARGET
    NTLMSSP_NEGOTIATE_NTLM
    NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED

// Regards Anders
Received on Wed Oct 19 2005 - 04:01:37 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Nov 01 2005 - 12:00:04 MST