AW: [squid-users] Apps use NTLM against negotiate but do not fallback to basic if that fails

From: Stefan Bauer <>
Date: Thu, 2 Aug 2012 11:19:18 +0200

-----Urspr√ľngliche Nachricht-----
Von: Amos Jeffries <>
> > because it can not deal and should not deal with NTLM only kerberos. I
> expected to have an automatically fallback to basic in this case but opera does
> not! Why is that?
> You will have to ask Opera that one.

Ok - thank you. So it's a client issue.

> > If i force opera to disable NTLM - it uses basic auth and everybody is happy
> in my dep.
> > Can anyone please provide some deeper informations about that behavior?
> All Squid can do is advise the available auth mechanisms and/or that the
> credentials given have failed. It's up to the client app to keep track
> of what it has available and what is (or not) working.
> You could try the negotiate_wrapper Markus wrote. That permits the NTLM
> and Kerberos GSSAPI mechanisms to both be negotiated via Negotiate auth.

Well if i can not and do not handle NTLM - its useless - isn't it?

Received on Thu Aug 02 2012 - 09:17:54 MDT

This archive was generated by hypermail 2.2.0 : Thu Aug 02 2012 - 12:00:02 MDT