[squid-users] NTLM auth kinda works depends on what type of auth is on top

From: Paul Matthews <paul.matthews@dont-contact.us>
Date: Mon, 19 Dec 2005 17:19:29 +1000 (EST)

Hi there,

I know that this mailing list seams to get a lot of squid NTLM questions
but I got one more.

For some reason when I have the basic authentication on the top of the
configuration file like so.

# ntlm

auth_param ntlm program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 hour
auth_param ntlm use_ntlm_negotiate on

# basic

auth_param basic program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm webserver realm
auth_param basic credentialsttl 2 hour
auth_param basic casesensitive off

I can not authenticate against NTLM, the authentication box appears but
no matter what password/username I put in it wont accept it. The
authentication box also says, ‘connecting to ip-address’.

Wear as when I have it the other day around it kinda works.

# basic

auth_param basic program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm webserver realm
auth_param basic credentialsttl 2 hour
auth_param basic casesensitive off

# ntlm

auth_param ntlm program /usr/bin/ntlm_auth
i-helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 hour
auth_param ntlm use_ntlm_negotiate on

I can authenticate against basic, the authentication box appears but I
enter a Active directory password/username and it accepts it. The
authentication box also says, ‘connecting to squid web caching proxy
server’.

Anyone have any idea’s as to what’s going on?
Received on Mon Dec 19 2005 - 00:19:33 MST

This archive was generated by hypermail pre-2.1.9 : Sat Dec 31 2005 - 12:00:02 MST