[squid-users] status for caching IIS websites using NTLM ?

From: Joel CARNAT <joel@dont-contact.us>
Date: Wed, 25 Oct 2006 23:37:14 +0200

Hi,

My Squid proxifies every web access for my WinXP clients.
The only thing that bugs is authentication to internal IIS servers using
"native Windows" authentication.

From what I read, this is due to the way NTLM is build - requiring
session re-use (http://wiki.squid-cache.org/NTLMIssues).

I found mails stating that this is not supported (yet) but the more
recent was from 2005.

What I can't make sure is if this is solved as of 2.6-STABLE.
I read "Authentication enhancements including Negotiate/Kerberos
support, extra workarounds for NTLM clients and others using Microsoft
Integrated Login." in the Changelog so I tried installing 2.6 (from
OpenBSD packages) but the IE client still fails authenticating.

I am not talking about authenticating users onto Squid to be allowed to
use it as a Web proxy, but really use Squid to proxify authentication
process to IIS web servers.

So, is Squid (>= 2.6) able to proxify NTLM authentication so that I can
achieve the following scenario:
(Internet Explorer) <-> (Squid) <-> (IIS website using NTLM authent.)

If so, what's the first available version ? And what are the conf
keywords to look for ?

Thanks a lot for any help!
        Jo
Received on Wed Oct 25 2006 - 15:37:24 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Nov 01 2006 - 12:00:04 MST