Re: [squid-users] NTLM but still got pop-ups /w IE ?

From: Esteban Darreche <[email protected]>
Date: Thu, 28 Aug 2003 10:47:43 -0300

Pls check these issues

. Verify if the Ws that you're using for login is added to the Domain.
. Check if you're already logged into the Domain (not locally) from this WS.

----- Original Message -----
From: "Arief Kurniawan" <ariefk@centrin.net.id>
To: <squid-users@squid-cache.org>
Sent: Saturday, August 16, 2003 8:39 PM
Subject: [squid-users] NTLM but still got pop-ups /w IE ?

> Thanks to Henrik, I got the big picture of squid auth. Now I got this :
> - Samba 2.2.8a installed.
> - Squid 2.5 Stable 3 running well configured with :
> ./configure --sysconfdir=/etc/squid --enable-poll --enable-snmp
> --enable-auth="ntlm,basic" --enable-basic-auth-helpers="winbind"
> --enable-external-acl-helpers="winbind_group,wbinfo_group"
> --enable-ntlm-auth-helpers="winbind"
>
> Squid without authentication running well. But when authenticated, the
> pop-up asking Username & password always shows up even with IE 6.0.
> Something else I missed ?
>
>
> Regards,
>
> Arief K
>
> ----------------- squid.conf -------------------------
>
> acl QUERY urlpath_regex cgi-bin \?
> no_cache deny QUERY
>
> cache_dir ufs /var/cache/squid 100 16 256
>
> #auth_param basic children 5
> #auth_param basic realm Squid proxy-caching web server
> #auth_param basic credentialsttl 2 hours
>
> auth_param ntlm program /usr/local/squid/libexec/wb_ntlmauth
> auth_param ntlm children 5
> auth_param ntlm max_challenge_reuses 0
> auth_param ntlm max_challenge_lifetime 2 minutes
>
> auth_param basic program /usr/local/squid/libexec/wb_auth
> auth_param basic children 5
> auth_param basic realm Squid proxy-caching web server
> auth_param basic credentialsttl 2 hours
>
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern . 0 20% 4320
>
> acl AuthorizedUsers proxy_auth REQUIRED
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443 563
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 563 # https, snews
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
>
> http_access allow all AuthorizedUsers
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access deny all
>
> visible_hostname h07mis12
>
> http_reply_access allow all
> icp_access allow all
>
> coredump_dir /var/cache
>
>
Received on Thu Aug 28 2003 - 07:48:05 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:19:16 MST