fre 2006-09-15 klockan 13:51 -0700 skrev Fleming Shi:
> Folks,
>
> I know by reading the FAQ and archived messages that putting Squid
> between ISA and users, it will break the Integrated Authentication on
> ISA. And the only way is BASIC scheme on ISA. I'm curious why that
> is?
Because Microsoft ignored the HTTP specifications when they implemented
their NTLM over HTTP authentication mechanism.
> Are there some headers that squid is not passing thru or is this just
> IP layer security issue, client ports etc. Is there anything I can do
> to make this work?
You can upgrade to Squid-2.6 which has a workaround for the protocol
violations introduced by Microsoft.
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Sun Oct 01 2006 - 12:00:03 MDT