Thank you. I will check it.
Amos Jeffries wrote:
> On 27/12/10 20:25, Senthilkumar wrote:
>> Hi All,
>>
>> I am using squid 3.1.8 with icap, ntlm scheme. Everything works fine.
>> I have a problem when i connect to a portal which is running on IIS
>> server and it has external authentication.(i am not sure about the
>> authentication used by the iis server, we hope it is ntlm )
>
> Being IIS it probably is, check the WWW-Auth* header in the replies to
> be sure. There may be alternative options you can make the browser use
> by stripping the broken one out.
>
>> When i connect to that site it asks for a username and password and it
>> continues to ask even after providing username and password, finally the
>> following error is displayed page cannot be displayed.
>> In access log i can find TCP_DENIED/401.
>> I have tried by enabling client_persistent connections on. But no luck.
>> How can we make portal to work with squid?
>
> NTLM does not work very well with HTTP to start with and does not work
> at all over the Internet without a lot of trouble.
>
> If it is NTLM:
> You must enable persistent connections to both servers and clients,
> enable authentication pass-thru hacks in Squid. Then cross your
> fingers and hope that every other proxy admin does the same. Complain
> to the website admin as well.
>
> The other less-likely possibility is that it is Kerberos auth (almost
> as bad as NTLM over the 'Net), or some other breakage.
>
> Amos
Received on Tue Dec 28 2010 - 03:02:16 MST
This archive was generated by hypermail 2.2.0 : Tue Dec 28 2010 - 12:00:03 MST