Well, looking wireshark carefully, i have identified some behaviours:
1- Firefox sends a GET with Kerberos auth;
2- Squid server reply with "HTTP/1.0 407 Proxy Authentication Required
(text/html)";
3- Firefox sends a new request, but with basic auth;
4- Squid server reply with "HTTP/1.0 407 Proxy Authentication Required
(text/html)" again;
5- Firefox sends a new request, but with Kerberos auth again;
6- Squid server reply with "HTTP/1.0 407 Proxy Authentication Required
(text/html)" again;
7- Firefox sends a new request, but with basic auth, again;
8- Squid server say OK, and the odyssey ands.
Comparing with IE, Kerberos auth process is the same, seems that firefox
requests do not arrive at the server squid.
Regards,
Allan Carvalho
Em 24/10/2013 19:02, Markus Moeller escreveu:
> Hi Allan,
>
> Can you take a capture of the traffic from your client to squid with
> wireshark ? Look at port 3128 (squid proxy port) traffic and in the
> details you can see the negotiate exchange. Can you compare what you
> see with IE and firefox ? Wireshark allows you to expand into the
> Negotiate details where you should see some unencrypted details (e.g.
> HTTP/squidsrv.example.com)
>
> They should look the same for IE and Firefox.
>
> Regards
> Markus
Received on Fri Oct 25 2013 - 13:38:02 MDT
This archive was generated by hypermail 2.2.0 : Fri Oct 25 2013 - 12:00:26 MDT