Re: [squid-users] Squid - Http authentication prompts on websites

From: Maarten Claes <[email protected]>
Date: Wed, 22 Mar 2006 14:44:29 +0100

On 3/22/06, Neil A. Hillard <hillardn@whl.co.uk> wrote:
> Hi,
>
> Maarten Claes wrote:
> > Hi,
> >
> > My squid proxy doesn't seem to get a login prompt from a webiste:
> > http://www.europanelsoverseas.be/webalizer/ (IIS webserver)
> >
> > When I did a packet capture on the machine, I saw that, in response to
> > the proxy's GET /webalizer HTTP/1.0, the webserver responded
> > immediately with 401 HTTP code.
> >
> > Does anyone know what I'm doing wrong here or what might cause this behaviour?
>
> Yes - the web server is using NTLM authentication. It is fundamentally
> broken and does not work through proxies (unless they specifically work
> around its brokenness - Squid does not).
>
> Switch it (or tell the admin to) basic or digest auth. If using basic
> auth you may want to use SSL so that the credentials aren't sent in the
> clear.
>
> HTH,

Hi Neil,

Does this mean that the NTLM code is proprieatary and changes alot so
squid can't keep up? There's no chance of fixing this on the squid
level then?

Thanks !

Maarten.

--
Maarten Claes
-------------------------------------------
Duct tape is like the force; it has a light side and a dark side, and
it holds the universe together.
Received on Wed Mar 22 2006 - 06:44:33 MST

This archive was generated by hypermail pre-2.1.9 : Sat Apr 01 2006 - 12:00:04 MST