Troy wrote:
> Everything I have read says you have to bypass the
> proxy to access an NTLM enabled website. I just want to verify
> this is still the case.
>
This is not a squid problem but a limitation of the NTLM protocol which
was not designed to work through a proxy.
This protocol needs a direct end-to end connection. I think I remember a
discussion how it is possible to circumvent this but to my knowledge no
real solution nor a workaround has been proposed.
One could put it another way round: it is not a good idea to use NTLM on
a publicly accessible website, on the one hand because the website will
not be accessible from inside many corporate networks, on the other hand
because NTLM has a lot of security implications and limitation when run
on a publicly accessible server.
Yours,
Jakob Curdes
Received on Mon Feb 11 2008 - 12:48:40 MST
This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:05 MST