[squid-users] squid with ntlm and citrix content redirect

From: <[email protected]>
Date: Tue, 28 Nov 2006 22:32:10 +0100

Hi all,

I have a problem about squid and the content redirect
provide by citrix.
I try to explain...
I've succefully installed and configured squid nt with ntlm
support... everything works fine, squid check correctly the
NT group in active directory.
Every pc's use squid and... citrix presentation server.
Presentation server has the content redirection feature
enable, so when a user click on http link inside a citrix
application the page will be open on client's internet
explorer instead inside the session.
But with squid configured on the client side the page never
open, it work only if the proxy is not configured on the
client side.
I've found this knowledge base on citrix support web site:
http://support.citrix.com/article/CTX911389
This is a know issue:
"When the client device uses a proxy server to connect to
the Internet, the HttpPing (HTTP PING) API fails and the
browser on the server is opened instead. The ICA clients do
not properly use HTTP keep-alive headers if Microsoft
Internet Explorer is configured to use HTTP 1.0. Because
integrated (NTLM) proxy authentication requires a persistent
connection to authenticate the client, the connection may
not succeed when NTLM authentication is performed with the
Web proxy."

By Citrix the resolution is: Enable Use HTTP 1.1 through
Proxy Connections.

I've tried but without success, it seems that squid doesn't
support HTTP 1.1 through Proxy Connections, so this is my
question...
There is a way to set-up squid to use this configuration
with ntlm authentication enable?
I've also tried with ldap instead ntlm, it's work correctly
but is not what I need because ldap is not use a trasparent
authentication.

Thanks in advance for all people that can help me....

Regards
Enrico Zocca
Received on Tue Nov 28 2006 - 14:32:36 MST

This archive was generated by hypermail pre-2.1.9 : Fri Dec 01 2006 - 12:00:03 MST