[squid-users] Apps use NTLM against negotiate but do not fallback to basic if that fails

From: Stefan Bauer <stefan.bauer_at_cubewerk.de>
Date: Thu, 2 Aug 2012 10:03:45 +0200

Dear Developers & Users,

I'm using squid with negotiate and basic-auth as fallback.

negotiate is squid_kerb_auth and
basic is squid_ldap_auth

Both work fine together. I noticed, that some apps responde to negotiate with NTLM - in this case, squid reports:

2012/08/01 10:19:14| authenticateNegotiateHandleReply: Error validating user via Negotiate. Error returned 'BH received type 1 NTLM token'

because it can not deal and should not deal with NTLM only kerberos. I expected to have an automatically fallback to basic in this case but opera does not! Why is that?

If i force opera to disable NTLM - it uses basic auth and everybody is happy in my dep.
Can anyone please provide some deeper informations about that behavior?

Any help is greatly appreciated.


Stefan Bauer
Received on Thu Aug 02 2012 - 08:02:15 MDT

This archive was generated by hypermail 2.2.0 : Thu Aug 02 2012 - 12:00:02 MDT