Re: Problems with HTTP authentication in digest scheme [2].

From: Mamy RAVELOJAONA <[email protected]>
Date: Mon, 03 May 1999 18:22:19 +0200

Henrik Nordstrom wrote:

> Mamy RAVELOJAONA wrote:
>
> > I am running Squid 2.2 stable1. When I try to authenticate in digest
> > scheme by a HTTP server, I always get a "401: Unauthorized" error".
> > Without the use of Squid, the same operation works properly.
>
> Digest authentication should work fine throught Squid. However, if the
> server uses a bad digest implementation using the client IP address in
> the nounce then it would be confused if you have more than one proxy..

The authentication in digest scheme is made by an Apache server 1.3.3,
and there is just one Squid proxy between the browser and the
HTTP server.

When I put high level debug on the Squid server ("debug_options=ALL,9"
and "log_mime_hdrs=on"), I saw that Squid send just a part of the HTTP
client authentication response (without the fields : realm,nonce,uri,
response and opaque) to the Apache Server. Is it normal or did I make
mistake in my Squid configuration ?

>
>
> > Is there anyone who can help me to solve this problem ?
>
> You aren't confusing digest authentication with Microsoft NTLM
> authentication are you? Miscrosoft NTLM does not work throught proxies
> or NAT devices.
>
> --
> Henrik Nordstrom
> Spare time Squid hacker

--
Mamy RAVELOJAONA
ALCATEL BUSINESS SYSTEMS
Tel : +33 (0)3 88 67 77 00 (#78867)
E-mail : mamy.ravelojaona@sxb.bsf.alcatel.fr
Received on Mon May 03 1999 - 10:14:29 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:46:12 MST