AW: [squid-users] force basic NTLM-auth for certain clients/urls

one small change:

acl javaNtlmFix browser -i java
acl javaConnect method CONNECT
header_access Proxy-Authenticate deny javaNtlmFix javaConnect
header_replace Proxy-Authenticate Basic realm="Internet"
 
now only https/ssl access from java will have basic auth and so a password dialog.
normal http access will work with ntlm challenge response.

thanxs again

markus

>-----Ursprüngliche Nachricht-----
>Von: Rietzler, Markus (Firma Rietzler Software / RZF)
>Gesendet: Dienstag, 16. Oktober 2007 18:17
>An: 'Chris Robertson'; squid-users@squid-cache.org
>Betreff: AW: [squid-users] force basic NTLM-auth for certain
>clients/urls
>
>thanxs for that hint - it worked as a fix
>
>i have addes this to my squid.conf
>
>acl javaNtlmFix browser -i java
>header_access Proxy-Authenticate deny javaNtlmFix
>header_replace Proxy-Authenticate Basic realm="Internet Access"
>
>now any java-client (java web start, java or applets in
>browser) will only see the basic auth scheme.
>a username/password dialog pops up and i have to enter my credentials.
>
>any other client (firefox, ie) still se both NTLM and Basic
>scheme and use NTLM challenge response to authenticate...
>
>the little drawback is, that there is that little nasty dialog
>but connection via proxy is working...
>
>thanxs
>
>markus
>
Received on Wed Oct 17 2007 - 06:35:42 MDT