Re: [squid-users] ntlm_auth credentials not being cached

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Tue, 15 Feb 2005 10:21:50 +0100 (CET)

On Tue, 15 Feb 2005, Adam Clark wrote:

> I'm not sure what is going on here, but my clients tend to get denied
> twice for Every request. I would expect this for the first time the
> client requested A resource, not on every subsequent request. The log
> below shows this activity.

Just an effect of the Microsoft brain damage when they designed the NTLM
over HTTP authentication protocol.

see http://devel.squid-cache.org/ntlm/ for details if interested.

Why on earth they dit not model the NTLM over HTTP authentication scheme
along the lines of Digest I do not know, but probably they just took the
easy path and made a quick hack.

> I'm unsure if the max_ntlm_challenge_lifetime Has anything to do with
> it.

No, it is only related to the amount of queries sent to the helper for the
same traffic. Traffic Squid<->clients is the same.

Regards
Henrik
Received on Tue Feb 15 2005 - 02:21:53 MST

This archive was generated by hypermail pre-2.1.9 : Tue Mar 01 2005 - 12:00:02 MST