[squid-users] Squid Not Forwarding Authentication Information To SharePoint

Hello,

I am currently testing out Squid as a reverse proxy for Microsoft
SharePoint services.

So far everything web-based is working great. Squid is passing
credentials to the back end server correctly through the use of
login=PASS, pages are loading correctly, etc...

There is one problem however. When a user opens up a Word document,
and tries to save or save as, the save/save as window hangs for about
30 - 45 seconds, and then eventually loads a much different looking
window than if not going through the reverse proxy. I can post
screenshots if it will help.

I finally turned on a packet sniffer to watch the traffic. I saved two
sessions: one using the proxy and one going direct to the server. The
only difference that I see is that the proxy isn't forwarding the
WWW-Authenticate header when performing the save/save as.

Going direct to the SharePoint server:

GET /Shared%20Documents/Forms/AllItems.aspx HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/vnd.ms-excel, application/vnd.ms-powerpoint,
application/msword, application/x-shockwave-flash, */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
If-Modified-Since: Tue, 17 Apr 2007 20:19:37 GMT
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;
IE6SP1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; InfoPath.1; .NET CLR
2.0.50727)
Host: xxxxxxx.xx.xx.xxx.xxx:4458
Connection: Keep-Alive
Cookie: WSS_KeepSessionAuthenticated=4458;
MSOWebPartPage_AnonymousAccessCookie=4458
Authorization: Negotiate xxxxx

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 56495
Content-Type: text/html; charset=utf-8
Expires: Mon, 02 Apr 2007 20:19:52 GMT
Last-Modified: Tue, 17 Apr 2007 20:19:52 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 12.0.0.4518
WWW-Authenticate: Negotiate xxxxx
X-AspNet-Version: 2.0.50727
Set-Cookie: WSS_KeepSessionAuthenticated=4458; path=/
Set-Cookie: MSOWebPartPage_AnonymousAccessCookie=4458; expires=Tue,
17-Apr-2007 20:49:52 GMT; path=/
Set-Cookie: http%3A%2F%2Fxxxxxxx%2Exx%2Exx%2Exxx%2Exxx%3A4458%2FDiscovery=WorkspaceSiteName=xxx&WorkspaceSiteUrl=xxx&WorkspaceSiteTime=xxx;
expires=Thu, 17-May-2007 20:19:52 GMT; path=/_vti_bin/Discovery.asmx
Date: Tue, 17 Apr 2007 20:19:51 GMT

Now through the proxy:

GET /Shared%20Documents/Forms/AllItems.aspx HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/vnd.ms-excel, application/vnd.ms-powerpoint,
application/msword, application/x-shockwave-flash, */*
Referer: http://xx.xxx.xx.xxx:4458/default.aspx
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;
IE6SP1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; InfoPath.1; .NET CLR
2.0.50727)
Host: xx.xxx.xx.xxx:4458
Connection: Keep-Alive
Authorization: Negotiate xxxxx
Cookie: MSOWebPartPage_AnonymousAccessCookie=4458;
WSS_KeepSessionAuthenticated=4458

HTTP/1.0 200 OK
Date: Tue, 17 Apr 2007 20:25:15 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 12.0.0.4518
X-AspNet-Version: 2.0.50727
Set-Cookie: WSS_KeepSessionAuthenticated=4458; path=/
Set-Cookie: MSOWebPartPage_AnonymousAccessCookie=4458; expires=Tue,
17-Apr-2007 20:55:15 GMT; path=/
Set-Cookie: http%3A%2F%2Fxx%2Exxx%2Exx%2Exxx%3A4458%2FDiscovery=WorkspaceSiteName=xxx&WorkspaceSiteUrl=xxx&WorkspaceSiteTime=xxx;
expires=Thu, 17-May-2007 20:25:15 GMT; path=/_vti_bin/Discovery.asmx
Cache-Control: private, max-age=0
Expires: Mon, 02 Apr 2007 20:25:15 GMT
Last-Modified: Tue, 17 Apr 2007 20:25:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 56318
X-Cache: MISS from xx.xxx.xx.xxx
X-Cache-Lookup: MISS from xx.xxx.xx.xxx:80
Via: 1.0 xx.xxx.xx.xxx:80 (squid/2.6.STABLE12)
Connection: keep-alive

Any suggestions would be appreciated. Thanks.
Received on Tue Apr 17 2007 - 15:48:52 MDT