RE: [squid-users] FW: Allowing streaming media through NTLM Authentication

Hi Guys

I was able to work around this problem by matching on the streaming
media's User Agent string. My squid.conf looks like this:

acl AuthorizedUsers proxy_auth REQUIRED
acl streaming_media browser -i
"/usr/local/squid-2.6STABLE13/etc/user_agent.conf"
http_access allow streaming_media
http_access allow AuthorizedUsers

And the user_agent.conf file looks like this:

nsplayer
windows-media-player
quicktime

Mat

-----Original Message-----
From: Gavin White [mailto:white.gavin@gmail.com]
Sent: Tuesday, 7 August 2007 8:58 PM
To: Plant, Dean
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] FW: Allowing streaming media through NTLM
Authentication

Hi Dean,

how did you disable ntlm authentication? I want to allow certain
clients to bypass ntlm auth based on their IP address.

Thanks,

Gavin

On 8/7/07, Plant, Dean <dean.plant@roke.co.uk> wrote:
> Mauricio Silveira wrote:
> > Hi!
> >
> > I'm somehow "Happy" I'm not alone with this problem...
> >
> > I'm having this problem since squid 2.6STABLE9... (ALWAYS)
> >
> > I've tried everything possible without success...
> >
> > Let's try to get some progress on this matter, I'll dedicate some
time
> > to this soon (still this week or the next at most)
> >
> > If you have any progress, please post it here.
> >
> > Let's be sure of the problem... try accessing these radios:
> >
> > http://www.radios.com.br/emissoras/transa_prpop.htm
> > http://www.radios.com.br/emissoras/transa_sppop.htm
> >
> >
> > The former uses http as protocol, so it will ask for user/password,
> > the latter uses mms as protocol, so it won't ask for user/password.
>
> I get the same results using squid-2.6.STABLE13-1.RHEL4.
>
> I have had to disable NTLM authentication (easy fix) for some sites
with
> streaming media but to be honest I have not had the time to fully
> investigate the cause.
>
> Dean
>
> >
> > As far as my small brain knows... that's mms that should be giving
> > headaches, not the http one!
> >
> > Please post back if you get the same results, I have to show my boss
> > I'm right, I'm not alone and i DO KNOW how to configure squid. :D
> >
> > I'll post here if I get it working, let's flame this discussion....
I
> > see everyone trying to get rid of streamings, but not trying to get
it
> > working without these "imperfections".
> >
> > Thanks,
> >
> > Mauricio
> >
> >> Hi
> >>
> >> Apologies if this has been discussed before but I couldn't find a
> >> solution for my exact problem in the archives.
> >>
> >> I run Squid 2.6STABLE13 and have configured it to use NTLM
> >> authentication for all client requests. This is working properly
for
> >> standard traffic but I am hitting a problem with streaming media.
> >>
> >> I'm aware that most streaming media can't handle NTLM
authentication
> >> automatically and therefore when a user tries to access streaming
> >> media a login box pops up. I don't want the users being asked to
> >> authenticate so I'm trying to come up with a solution to instruct
> >> the proxy server to not authenticate the streaming media.
> >>
> >> I've tried matching on the streaming media mime types but ran into
> >> the problem in that the mime type is in the response and not the
> >> request and it is the request that is authenticated.
> >>
> >> Has anyone dealt with this issue before and how did you go about
> >> allowing streaming media through an authenticated proxy?
> >>
> >> Regards,
> >>
> >> Mathew Archibald
>
Received on Tue Aug 07 2007 - 20:08:39 MDT