Re: [squid-users] Credentials not kept cross domain

From: Jose Ildefonso Camargo Tolosa <ildefonso.camargo_at_gmail.com>
Date: Fri, 11 Jul 2008 16:48:12 +1930

Hi!

On Fri, Jul 11, 2008 at 4:17 PM, Joseph Pich� <josephpiche_at_gmail.com> wrote:
>>> I have a setup with Squid 3.0 stable 7 and DansGuardian 2.9.9.4. I
>>> have been trying to set up authentication using ntlm_auth connecting
>>> to Active Directory. Everything works fine except I get prompted for a
>>> username and password for every single domain.
>>
>> Are you doing transparent interception?
>>
>> authentication and interception is mutually exclusive..
>>
>> For proxy authentication to work proper you need to have the browsers
>> configured to use the proxy, preferably on a shortname s� they know it's
>> a local resource and automatically accepts NTLM authentication without a
>> login prompt..
>
>
> I have iptables forwarding port 80 to port 8080 where dansguardian
> intercepts the request and forwards it to squid which listens on local
> 3128. So, there is no way to do this without configuring browsers? I
> would really like to get around that.

I use automatic browser configuration (via dns, dhcp ... or both ).
And I think you could add an informative page, via port redirection,
where you explain how to configure the browser for proxy
autoconfiguration (or how to configure the browser manually).

Hope this helps,

Ildefonso Camargo.
Received on Thu Jul 10 2008 - 21:18:15 MDT

This archive was generated by hypermail 2.2.0 : Fri Jul 11 2008 - 12:00:03 MDT