I understand from Henrik Nordstrom's message on 1st September 2006 that Squid 2.6 supports NTLM passthrough.
I need to implement a Squid cache in front of an upstream proxy running ISA server (which is at the enterprise level). The ISA server authenticates using NTLM and then uses WebSense to filter web results. Crucially, while one user may be filtered for a particular site, another user may have access to that site.
Unfortuately, I have no control over the ISA server set up and no way to bypass it.
Is this possible? I see two possible problems:
1. Is NTLM passthrough actually implemented? I can find nothing in the Squid documentation. Does it do what I would need for this to actually work (i.e. maintain a 1-1 mapping between client connections and connections to the upstream proxy)?
2. Will the cached pages get served to different users without checking whether the upstream ISA server would have blocked them for this user? I.e. if user A visits www.dodgy.com and is not blocked by ISA server, will www.dodgy.com be served from the cache to user B regardless of whether the ISA server would have blocked them or not.
Thanks for any help.
Steffan
Received on Mon Jan 15 2007 - 07:54:09 MST
This archive was generated by hypermail pre-2.1.9 : Thu Feb 01 2007 - 12:00:01 MST