Re: [squid-users] Issues with Squid and authenticated sites

From: Henrique Machado <henrique.cicuto_at_gmail.com>
Date: Thu, 12 Jun 2008 17:22:10 -0300

> And because you told Squid to access anonymous FTP.
>
> Authenticated FTP uses URLs on the form
>
> ftp://user:password@host/
>
> with some browsers you can leave out the :password part and Squid will
> prompt for the password. Most browsers fail this however...

Indeed. Some people also told me that, but the only different thing is
the message saying that "User <name_of_the_user> cannot log in".
What can I do?

> Squid does not log the password component of the requested URL.

I checked on that. You�re right, sorry about that. But the FTP still
opens as read-only. Any ideas?

I checked the squid manuals for any options related to ftp management,
but none of them helped me out :(

2008/6/12 Henrik Nordstrom <henrik_at_henriknordstrom.net>:
> On ons, 2008-06-11 at 22:34 -0300, Henrique Machado wrote:
>
>> The problem is: everytime when trying to access a website that asks
>> for a user and a password (some FTP sites and even some websites), I
>> don�t receive the "INPUT USERNAME AND PASSWORD" box.
>> When I had no authentication method running in Squid, I�d get an error
>> message "when trying to authenticate. Squid sent the command
>> FTP<password> and received the reply �User anonymous cannot log in�"
>> (this one is for FTP sites).
>
> And because you told Squid to access anonymous FTP.
>
> Authenticated FTP uses URLs on the form
>
> ftp://user:password@host/
>
> with some browsers you can leave out the :password part and Squid will
> prompt for the password. Most browsers fail this however...
>
>> All around the world I have searched for an answer, and I always
>> received the same one: "Place the username and password in the URL".
>> K, fine, that works, partially, because the FTP always opens as
>> read-only (and also the idea of having users�s passwords in our log
>> files is against our security policy).
>
> Squid does not log the password component of the requested URL.
>
>> The same goes for the websites that require authentication (this
>> situation happens mostly when it�s an authentication method from
>> Apache or IIS): no authentication box.
>
> That's a different problem. Should work out of the box except for sites
> using NTLM authentication. For those you need to use Squid-2.6 or 2.7 as
> Squid-3 do not yet have the needed workarounds to play well with
> Microsofts bending of the HTTP message model...
>
> Regards
> Henrik
>
Received on Thu Jun 12 2008 - 20:22:13 MDT

This archive was generated by hypermail 2.2.0 : Fri Jun 13 2008 - 12:00:04 MDT