Yes
Yes
Nothing?
I think that the problem comes from the fact that the browser has no
idea about what the authentication will be (if any) when it first makes
the request.
Once the server says "Whoa, Why should I let you in?", the browser knows
that it needs to engage in an authentication process.
I could be wrong but I am sure that a quick Google will get you a full
description of the process.
Ron
On 30/09/2013 2:58 PM, Hooman Valibeigi wrote:
> Hi
>
> I have successfully configured kerberos authentication in squid 3.1.10
> using squid_kerb_auth helper and tested it in IE and Chrome on machine
> joined to a Windows 2008 domain controller.
>
> I took a look at squid's access.log and recognized that almost 40% of
> the requests have failed on the first attempt with TCP_DENIED/407 and
> succeeded on the second. It seems that the browser does not send the
> authentication header for every new connection thus fails on 1st
> attempt.
>
> Is this something normal with kerberos?
> Is this not how ntlm works?
> What can I do about it?
>
>
>
-- Ron Wheeler President Artifact Software Inc email: rwheeler_at_artifact-software.com skype: ronaldmwheeler phone: 866-970-2435, ext 102Received on Mon Sep 30 2013 - 19:26:04 MDT
This archive was generated by hypermail 2.2.0 : Tue Oct 01 2013 - 12:00:04 MDT