RE: [squid-users] Website Authentication

From: Hwee Khoon, Neo <hweekhoon.neo@dont-contact.us>
Date: Fri, 4 Feb 2005 11:33:45 +0800

This may help - http://ntlmaps.sourceforge.net/

tried it with success (but not tested on a system with many users).

user -> squid (child)-> ntlmaps (parent) -> NTLM website

It will be great if this Python script can be rewritten into C and
incorporated inside Squid

-----Original Message-----
From: Elsen Marc [mailto:elsen@imec.be]
Sent: Friday, February 04, 2005 1:26 AM
To: bofh@cox-internet.com; squid-users@squid-cache.org
Subject: RE: [squid-users] Website Authentication

>
> We are using Squid as a proxy server on our campus. One of
> the internal websites that our users use require NT
> authentication. IE: When they reach the website, an
> authentication box pops up and they sign on using their NT
> domain password. This works if the users are not using the
> proxy, but if they are using the proxy the login box does not appear.
>
> Any help would be appreciated.
>
>
  NTLM based auth can not be proxied trough http , as has been discussed
many times on the list. Due to it's design flaws.
You can :

    - have the webserver use standard auth mechanisms.
    - convert it to a https (ssl based) webserver which cloaks
      this problem, because then squid only becomes a data-linker so so
      speak between the browser and the secure based endpoint (webserver).

 M.
Received on Thu Feb 03 2005 - 20:33:50 MST

This archive was generated by hypermail pre-2.1.9 : Tue Mar 01 2005 - 12:00:01 MST