Re: [squid-users] HEAD method, NTLM authentication and browser cache policy setting

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Sat, 19 Feb 2005 16:38:09 +0100 (CET)

On Fri, 18 Feb 2005, Gilles Hamel wrote:

> www.shopathomeselect.com, www.agoraplus.com ...) , clients browser do HEAD
> requests but don't send their authentication tokens :
>
> 1108489166.618 8 10.2.10.27 TCP_DENIED/407 425 HEAD
> http://www.shopathomeselect.com/GR_check_site.html? - NONE/- text/html
> 1108489166.720 7 10.2.10.27 TCP_DENIED/407 424 HEAD
> http://www.shopathomeselect.com/GR_check_site.html? - NONE/- text/html
> 1108489166.757 10 10.2.10.27 TCP_DENIED/407 424 HEAD
> http://www.shopathomeselect.com/GR_check_site.html? - NONE/- text/html

This is most likely some other software running on the client computers,
not using the web browser..

Generally adding access controls allowing unauthenticated access for these
clients to the sites is the best way to go, unless you have a close
cooperation with the provider of the software and manage to convince them
to make their software work proper with proxies requiring authentication.

acl special_sites dstdomain www.shopathomeselect.com ....

http_access allow my_clients special_sites

Regards
Henrik
Received on Sat Feb 19 2005 - 08:38:10 MST

This archive was generated by hypermail pre-2.1.9 : Tue Mar 01 2005 - 12:00:02 MST