Re: [squid-users] Workaround with NTLM Website and NAT

From: Mark Elsen <mark.elsen@dont-contact.us>
Date: Tue, 7 Feb 2006 13:50:12 +0100

> My situation is simple:
>
> A web site is using NTLM authentication ans ask the user for credentials
> (without squid).
> Our squid goes out trhough a NAT connection, then when the user tries
> with squid configured, and IIS error shows up in the browser saying:
>
> You are not authorized to view this page
>
> You do not have permission to view this directory or page using the
>
> credentials that you supplied because your Web browser is sending a
>
> WWW-Authenticate header field that the Web server is not configured to
>
>....

   http://www.squid-cache.org/Doc/FAQ/FAQ-11.html#ss11.14

   Some extracts from this FAQ section :

+We cannot proxy connections to a origin server that use NTLM
authentication, but we can act as a web accelerator or proxy server
and authenticate the client connection using NTLM.
...

+The protocol has several shortcomings, where the most apparent one is
that it cannot be proxied.
....

M.
Received on Tue Feb 07 2006 - 05:50:14 MST

This archive was generated by hypermail pre-2.1.9 : Wed Mar 01 2006 - 12:00:03 MST