Re: [squid-users] disable ntlm_auth for java

From: Andre Fernando Goldacker <squid@dont-contact.us>
Date: Thu, 28 Sep 2006 10:41:32 -0300

Hello!

I had the same problem and I did the same thing you are thinking about.
I bypassed authentication for java stuff. I've read many things
including the sun knowledge base and there are many issues regarding
authentication with the jvm, especially with ntlm!
You can solve this by creating an acl like this:
acl java_jvm browser Java/1.4 Java/1.5
http_access allow java_jvm

Remember to keep it in front of any http_access lines regarding
authentication, otherwise it won't work.

I haven't worked out the windows update issue since I only do it in my
servers and when I do I make a NAT rule in my firewall, but I think it
has something to do with 443 port (ssl).

Cheers,

André

Hitzler, Siegfried (Exchange) wrote:
> Hello,
>
> We authenticate our users over ntlm_auth. The problem is if the load a
> Java-Applet which is implemented on a Secure Site (www.netbanking.at), Java
> pops up a Windows and force the users to enter their username, password and
> domain to load the Applet. Is there a way to disable authentication for
> Java-Applets or for some sites?
>
> Same shit on Windows Update Site. Site is searching for needing updates when
> suddenly an error apears.
>
> authentication lines in squid.conf looks something like this:
>
> auth_param ntlm program /usr/lib/squid/ntlm_auth DOMAIN/PDC auth_param ntlm
> children 10 auth_param ntlm max_challenge_lifetime 2 minutes
>
> Would be realy greate if somebody can help me out of this problem!
>
> Thanks and best regards
>
> Siegfried
>
>
>
Received on Thu Sep 28 2006 - 07:40:36 MDT

This archive was generated by hypermail pre-2.1.9 : Sun Oct 01 2006 - 12:00:04 MDT