Morning,
For quite some time I�ve wondered about something.
Certain applications worked perfectly with Squid in the past.
But, since we�ve integrated it with Active Directory (NTLM auth) some
applications just don�t work anymore, even if they do have
"authenticated proxy support".
What I�ve noticed about NTLM authentication with Squid is:
1) Application sends HTTP request (Firefox or IE, for instance)
2) Squid receives the request and then returns HTTP code 407 to the
client (Proxy Authentication Required)
3) The application receives the 407 code and asks the user for
authentication input (the browsers use the current logged user
credentials if inside an Active Directory domain)
4) The application sends the authentication info
5) Squid receives it, checks it and then does its work
But, some applications, APT being a very simple example (and one of my
headaches) can�t ask for an input. And even configuring it to send
user�s credentials doesn�t seen to work (Squid keeps replying with
407).
I presume that the behavior "wait until I ask for auth credentials" is
necessary for the complete functionality, so Squid just ignores the
info that�s initially sent.
Anyway I can solve that without having to put those applications
"outside the proxy"?
Best regards,
Henrique Cicuto Machado
Received on Mon Feb 02 2009 - 15:49:04 MST
This archive was generated by hypermail 2.2.0 : Thu Feb 05 2009 - 12:00:01 MST