Re: [squid-users] SQUID + FIREFOX + ACTIVE DIRECTORY

Are you using any type of auth with your squid setup? I don't see it
mentioned in your post. I too would be interested in knowing how you
got integrated NTLM auth through firefox, if indeed you have.

On Wed, Oct 29, 2008 at 9:31 AM, Chris Nighswonger
<cnighswonger_at_foundations.edu> wrote:
> On Wed, Oct 29, 2008 at 10:23 AM, nairb rotsak <ipguru99_at_yahoo.com> wrote:
>> I am totally confused by this statement?.. as I have 300 people using firefox right now.. using Ubuntu 6.06, Samba3, Squid2.. and not a single one gets a user/pass prompt? I am not using it as a transparent proxy, it is listed in firefox under proxy settings (8080 because it goes to DG first.. but I have tested just Squid at 3128 and it works as well).. and I haven't touched anything else in firefox
>
>
> I'd be very interested in knowing what is different about your setup.
> I have fought this problem for several years now.
>
>
>>
>>
>>
>> ----- Original Message ----
>> From: Chris Nighswonger <cnighswonger_at_foundations.edu>
>> To: matlor <bfrobu_at_tin.it>
>> Cc: squid-users_at_squid-cache.org
>> Sent: Wednesday, October 29, 2008 8:48:39 AM
>> Subject: Re: [squid-users] SQUID + FIREFOX + ACTIVE DIRECTORY
>>
>> On Tue, Oct 28, 2008 at 6:18 AM, matlor <bfrobu_at_tin.it> wrote:
>>>
>>> I have configured squid with winbind integrated in the active directory of a
>>> windows 2003 domain.
>>> If I browse internet trough IE 7 everething is ok, no user and password
>>> prompted, because of the common login. While, if I open Firefox (2 or 3
>>> version), it prompts for user and password.
>>
>> One other note: While FF does support NTLM, it does not do transparent
>> auth as IE does. Hence the prompting for username/password.
>> Furthermore, due to M$ having a broken implementation of NTLM, FF will
>> at times repeatedly prompt ad infinitum. There is an open bug on this
>> at Mozilla, (https://bugzilla.mozilla.org/show_bug.cgi?id=318253) but
>> action on it is understandably slow. You can mess with FF's NTLM
>> related settings under 'about:config' to gain some respite. You can
>> also run a basic auth that authenticates against NTLM which for some
>> reason seems to avoid the multi-prompt issue. Something like:
>>
>> auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
>> auth_param basic children 2
>> auth_param basic realm somerealm
>> auth_param basic credentialsttl 2 hours
>> auth_param basic casesensitive off
>>
>> Regards,
>> Chris
>>
>>
>>
>>
>>
>
Received on Wed Oct 29 2008 - 17:42:28 MDT