On 01/02/11 19:27, Saurabh Agarwal wrote:
> Hi All
>
> I am running Squid as a transparent proxy and can't authenticate to sharepoint server. If I bypass squid then everything works fine.
>
> I have not compiled Squid with any of the authentication related configurables
>
> --enable-auth="basic,digest,ntlm,negotiate" --enable-basic-auth-helpers="LDAP,MSNT,NCSA,PAM,SMB,YP,getpwnam,multi-domain-NTLM,SASL" --enable-negotiate-auth-helpers="squid_kerb_auth" --enable-cache-digests --enable-ntlm-auth-helpers="SMB,fakeauth" --enable-external-acl-helpers="ip_user,ldap_group,unix_group,wbinfo_group".
>
> I see that sharepoint sends squid the following http headers in HTTP 401 response
>
> WWW-Authenticate: Negotiate\r\n
> WWW-Authenticate: NTLM\r\n
>
> But squid is not forwarding these headers to the client? If I bypass squid then everything works fine.
>
> Can someone please help here?
Negotiate and NTLM both require HTTP/1.1 persistent connections and also
some major hacks called connection pinning. Not all Squid support these
equally.
What version of Squid are you using? and with what configuration?
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.10 Beta testers wanted for 3.2.0.4Received on Tue Feb 01 2011 - 06:42:08 MST
This archive was generated by hypermail 2.2.0 : Tue Feb 01 2011 - 12:00:04 MST