Re: [squid-users] Problem with authentication on websites from Nicole Hähnel on 2008-06-24 (squid-users)

From: Nicole Hähnel <ml_at_nicole-haehnel.de>
Date: Tue, 24 Jun 2008 15:10:21 +0200

Amos Jeffries schrieb:
> Nicole Hähnel wrote:
>> Hi,
>>
>> we are running squid 3.0 STABLE6 on rhel5 without authentication for
>> the proxy.
>> We have an authentication problem on some websites.
>> Our users logging in with username and passwort to a site,
>> there is a link to an image database on another server of an external
>> provider.
>> Without proxy I get access to this site, with proxy I get a new login
>> form.
>> I think, username and password or some other login information for
>> the image database is committed in the background
>> and squid can not bypass this login.
>>
>> Does anybody know how I can fix this problem?
>
> Sounds like NTLM or some other auth method that can't be passed
> through a proxy. Are you able to provide us with the headers during
> these requests?
>
> Amos

Here are the headers...

http://xxx.service4fotos.com/xxx/start/index

GET /xxx/start/index HTTP/1.1
Host: xxx.service4fotos.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: gridWidthSize=width=1280&height=799

HTTP/1.x 200 OK
Date: Tue, 24 Jun 2008 11:15:30 GMT
Server: Apache/2.2
Content-Type: text/html
Set-Cookie: xxx=lasturi&%2Fxxx%2Fstart%2Findex; path=/
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
----------------------------------------------------------
http://xxx.service4fotos.com/favicon.ico

GET /favicon.ico HTTP/1.1
Host: xxx.service4fotos.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14
Accept: image/png,*/*;q=0.5
Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: gridWidthSize=width=1280&height=799; xxx=lasturi&%2Fxxx%2Fstart%2Findex

HTTP/1.x 302 Found
Date: Tue, 24 Jun 2008 11:15:31 GMT
Server: Apache/2.2.3 (Linux/SUSE)
Location: http://xxx.service4fotos.com/xxx/favicon.ico
Content-Length: 333
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
----------------------------------------------------------
http://xxx.service4fotos.com/xxx/start/corporate/xxx%20Sportsday

GET /xxx/start/corporate/xxx%20Sportsday HTTP/1.1
Host: xxx.service4fotos.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://xxx.service4fotos.com/xxx/start/index
Cookie: gridWidthSize=width=1280&height=799; xxx=lasturi&%2Fxxx%2Fstart%2Findex

HTTP/1.x 200 OK
Date: Tue, 24 Jun 2008 11:15:32 GMT
Server: Apache/2.2
Content-Type: text/html
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
----------------------------------------------------------

http://xxx.service4fotos.com/xxx/start/index

GET /xxx/start/index HTTP/1.1
Host: xxx.service4fotos.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive
Cookie: gridWidthSize=width=1280&height=799

HTTP/1.x 200 OK
Date: Tue, 24 Jun 2008 11:13:00 GMT
Server: Apache/2.2
Content-Type: text/html
Set-Cookie: xxx=lasturi&%2Fxxx%2Fstart%2Findex; path=/
X-Cache: MISS from proxy01.xxx.de
X-Cache-Lookup: MISS from proxy01.xxx.de:80
Via: 1.0 proxy01.xxx.de (squid/3.0.STABLE6)
Proxy-Connection: close
----------------------------------------------------------
http://xxx.service4fotos.com/favicon.ico

GET /favicon.ico HTTP/1.1
Host: xxx.service4fotos.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14
Accept: image/png,*/*;q=0.5
Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive
Cookie: gridWidthSize=width=1280&height=799; xxx=lasturi&%2Fxxx%2Fstart%2Findex

HTTP/1.x 302 Moved Temporarily
Date: Tue, 24 Jun 2008 11:13:00 GMT
Server: Apache/2.2.3 (Linux/SUSE)
Location: http://xxx.service4fotos.com/xxx/favicon.ico
Content-Length: 333
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from proxy01.xxx.de
X-Cache-Lookup: MISS from proxy01.xxx.de:80
Via: 1.0 proxy01.xxx.de (squid/3.0.STABLE6)
Proxy-Connection: keep-alive
----------------------------------------------------------
http://xxx.service4fotos.com/xxx/start/corporate/xxx%20Sportsday

GET /xxx/start/corporate/xxx%20Sportsday HTTP/1.1
Host: xxx.service4fotos.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive
Referer: http://xxx.service4fotos.com/xxx/start/index
Cookie: gridWidthSize=width=1280&height=799; xxx=lasturi&%2Fxxx%2Fstart%2Findex

HTTP/1.x 302 Moved Temporarily
Date: Tue, 24 Jun 2008 11:13:01 GMT
Server: Apache/2.2
Location: /xxx/start/corporate/xxx%20Sportsday?authrequest=1
Content-Length: 244
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from proxy01.xxx.de
X-Cache-Lookup: MISS from proxy01.xxx.de:80
Via: 1.0 proxy01.xxx.de (squid/3.0.STABLE6)
Proxy-Connection: keep-alive
----------------------------------------------------------
http://xxx.service4fotos.com/xxx/start/corporate/xxx%20Sportsday?authrequest=1

GET /xxx/start/corporate/xxx%20Sportsday?authrequest=1 HTTP/1.1
Host: xxx.service4fotos.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive
Referer: http://xxx.service4fotos.com/xxx/start/index
Cookie: gridWidthSize=width=1280&height=799; xxx=lasturi&%2Fxxx%2Fstart%2Findex

HTTP/1.x 403 Forbidden
Date: Tue, 24 Jun 2008 11:13:01 GMT
Server: Apache/2.2
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html
Expires: Tue, 24 Jun 2008 11:13:01 GMT
X-Cache: MISS from proxy01.xxx.de
X-Cache-Lookup: MISS from proxy01.xxx.de:80
Via: 1.0 proxy01.xxx.de (squid/3.0.STABLE6)
Proxy-Connection: close
----------------------------------------------------------
http://xxx.service4fotos.com/xxx/public/js/sha1.js

GET /xxx/public/js/sha1.js HTTP/1.1
Host: xxx.service4fotos.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14
Accept: */*
Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive
Referer: http://xxx.service4fotos.com/xxx/start/corporate/xxx%20Sportsday?authrequest=1
Cookie: gridWidthSize=width=1280&height=799; xxx=lasturi&%2Fxxx%2Fstart%2Findex

HTTP/1.x 200 OK
Last-Modified: Mon, 14 May 2007 07:36:40 GMT
Accept-Ranges: bytes
Content-Length: 5865
Content-Type: text/x-js
Date: Mon, 23 Jun 2008 13:22:27 GMT
Server: Apache/2.2.3 (Linux/SUSE)
Etag: "177618-16e9-430692d817200"
Expires: Tue, 24 Jun 2008 13:22:27 GMT
Cache-Control: max-age=86400
Age: 80242
X-Cache: HIT from proxy01.xxx.de
X-Cache-Lookup: HIT from proxy01.xxx.de:80
Via: 1.0 proxy01.xxx.de (squid/3.0.STABLE6)
Proxy-Connection: keep-alive
----------------------------------------------------------
http://xxx.service4fotos.com/xxx/public/icons/secure.gif

GET /xxx/public/icons/secure.gif HTTP/1.1
Host: xxx.service4fotos.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14
Accept: image/png,*/*;q=0.5
Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive
Referer: http://xxx.service4fotos.com/xxx/start/corporate/xxx%20Sportsday?authrequest=1
Cookie: gridWidthSize=width=1280&height=799; xxx=lasturi&%2Fxxx%2Fstart%2Findex

HTTP/1.x 200 OK
Last-Modified: Mon, 14 May 2007 07:36:40 GMT
Accept-Ranges: bytes
Content-Length: 573
Content-Type: image/gif
Date: Mon, 23 Jun 2008 13:22:27 GMT
Server: Apache/2.2.3 (Linux/SUSE)
Etag: "177900-23d-430692d817200"
Expires: Tue, 24 Jun 2008 13:22:27 GMT
Cache-Control: max-age=86400
Age: 80242
X-Cache: HIT from proxy01.xxx.de
X-Cache-Lookup: HIT from proxy01.xxx.de:80
Via: 1.0 proxy01.xxx.de (squid/3.0.STABLE6)
Proxy-Connection: keep-alive
----------------------------------------------------------
Received on Tue Jun 24 2008 - 13:10:29 MDT

This archive was generated by hypermail 2.2.0 : Wed Jun 25 2008 - 12:00:05 MDT