Re: [squid-users] Squid and NTLM passthrough

From: Steffan Corley <[email protected]>
Date: Tue, 16 Jan 2007 22:29:08 +0000

Thanks a lot for the clarification.

I've had a look at the cache_peer directive in the Squid 3.0 manual (not
at work, so can't try it). It looks to me like we would probably need
"login=PASS" - except that the 3.0 manual specifically says that this
only works with basic authentication. My understanding of the manual is
also that this would require us to have authentication turned on on the
Squid proxy, and then these authentication details would be passed up -
but what you say below leads me to believe that we don't need to make
any configuration changes to the Squid proxy.

Have I misread it, or am I missing something?

Thanks again for all your help.

Steffan

Henrik Nordstrom wrote:
> tis 2007-01-16 klockan 17:42 +0000 skrev Steffan Corley:
>
>
>> 1. We need NTLM passthrough to pass credentials on to an upstream server
>> rather than to the end website (i.e. the --proxy-ntlm option in curl).
>> Is this supported?
>>
>
> Yes. See the cache_peer directive. And don't disable server-side
> persistent connections if you are using NTLM.
>
>
>> 2. Are there any compile-time configuration options I will need for this
>> to work? Do we need to compile any NTLM auth helpers?
>>
>
> None.
>
> Regards
> Henrik
>
Received on Tue Jan 16 2007 - 15:29:23 MST

This archive was generated by hypermail pre-2.1.9 : Thu Feb 01 2007 - 12:00:01 MST