Andre Albsmeier wrote:
> On Thu, 10-Sep-2009 at 14:55:23 -0400, Navjeet wrote:
>> We have been using squid in our development environment. Squid has
>> been forwarding all the internet bound traffic to a proxy server that
>> did not need any authentication until now. But that has changed now
>> and now we have use another proxy server that uses NTLM based
>> authentication. Now our servers in this development environment only
>> have local users (users logging in are not authenticated Windows AD).
>> Does the Squid NTLM authentication setup still work in this setup? Can
>> the NTLM setup be configured to use specified user (and password
>> hopefully encrypted ) that can be specified in some configuration
>> file. This is needed as many of our applications (Tomcat, ESB etc )
>> are headless (i mean not just a web browser) and they now need to go
>> thru this new proxy server.
>
> If you want something like this:
>
> no auth NTLM auth
> clients -------> squid ---------> NTLM based proxy ---> world
>
> I think this is not possible with squid. I worked around this
> same problem with cntlm using:
>
> no auth no auth NTLM auth
> clients -------> squid -------> cntlm ---------> NTLM based proxy ---> world
>
> cntlm runs on the same machine as squid does. However, I were
> happy if the cntlm functionality could be brought into
> squid one day...
Your wish is granted ;)
3.2 will have Kerberos login to cache_peer servers. The code is already
committed to the 3.HEAD alpha releases.
Amos
-- Please be using Current Stable Squid 2.7.STABLE7 or 3.0.STABLE19 Current Beta Squid 3.1.0.13Received on Sat Sep 19 2009 - 12:29:21 MDT
This archive was generated by hypermail 2.2.0 : Sun Sep 20 2009 - 12:00:02 MDT