Thanks Henrik,
We're working with someone from Microsoft platform support so I'll let you know
if anything comes of this.
Mark
At 03:29 PM 4/4/2005, Henrik Nordstrom wrote:
>On Mon, 4 Apr 2005, Mark Krawec wrote:
>
>>Our configuration is squid-2.5.STABLE7 using squid_ldap_auth on RH 7.3.
>>Our browser is IE 6.0 SP1 and users are running W2k.
>>The problem is our users are getting an "invalid URL" error
>>page from Squid when they go to a secure site as their first destination.
>
>This is a bug in MSIE 6 (several versions) where it forgets to enable SSL
>when asking for authentication.
>
>IIRC you can work around the problem by disabling persistent connections.
>Unfortunately incompatible with NTLM authentication.
>
>>I've never seen a definitive answer on why this was happening and what was
>>at fault (IE or Squid).
>
>It is clearly IE at fault here. IMHO it is even an MSIE security issue
>(not only a plain bug) as MSIE forgets to encrypt the request, which is
>supposed to have been securely encrypted and never visible in plain text
>to third parties like the proxy..
>
>Regards
>Henrik
>
>
>
>--
>No virus found in this incoming message.
>Checked by AVG Anti-Virus.
>Version: 7.0.308 / Virus Database: 266.9.1 - Release Date: 4/1/2005
Mark Krawec mark@krawecnet.com | http://www.krawecnet.com
"Earth First" (We'll strip mine the other planets later)
-- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.9.1 - Release Date: 4/1/2005Received on Mon Apr 04 2005 - 19:07:00 MDT
This archive was generated by hypermail pre-2.1.9 : Sun May 01 2005 - 12:00:03 MDT