[squid-users] AOL's webmail and logging in

From: Scott Jarkoff <jarkolicious@dont-contact.us>
Date: Sat, 9 Dec 2006 11:13:47 +0900

I have run in to this odd issue that appears to be only specifically
related to AOL and their login service. This affects anyone attempting
to login to AOL webmail and their other "walled garden" actions that
require one to be logged in before being offered the requested
service.

What happens is when one surfs to http://webmail.aol.com/ they are
redirected to the AOL mail login screen, which has a javascript based
form on the right-hand side of the page. When a user enters their
screen name and password and then clicks "sign-in" the page refreshes
a couple times and ultimately stops at the following URL:

http://registration.aol.com/_cqr/login?sitedomain=registration.aol.com&authLev=1&siteState=OrigUrl%3Dhttp%253a%252f%252fregistration%252eaol%252ecom%252fmail%253fs%255furl%253dhttp%25253a%25252f%25252fwebmail%25252eaol%25252ecom%25252f%25255fcqr%25252fLoginSuccess%25252easpx%25253fsitedomain%25253dsns%25252ewebmail%25252eaol%25252ecom%252526siteState%25253dver%2525253a1%252525252c0%25252526ld%2525253awebmail%25252eaol%25252ecom%25252526pv%2525253aAOL%25252526lc%2525253aen%25252dus%25252526ud%2525253aaol%25252ecom%25252526br%2525253aWebSuite%25252dCurrentProd&lang=en&locale=us&uitype=mini&_sns_bg_color_=b8d2e5&_sns_fg_color_=000000&_sns_err_color_=FF0000&_sns_link_color_=000000&mcAuth=%2FBcAG0V6BvoAAK9MA4B8TEV6BzYI4062lHNvp3IAAA%3D%3D

This page displays nothing. It never redirects the user back to their
webmail inbox or any other portion of AOL, nor does AOL ever show the
user logged in. The browser (IE and Firefox both) merely depict a
blank page with nothing. Here are the associated access.log entries:

  1165625307.334 23 127.0.0.1 TCP_DENIED/407 1946 GET
http://webmail-vdc.webmail.aol.com/22250/aol/en-us/RPC/CheckNewMessages.aspx?
- NONE/- text/html
  1165625307.551 663 192.168.47.187 TCP_MISS/200 666 GET
http://webmail-vdc.webmail.aol.com/22250/aol/en-us/RPC/CheckNewMessages.aspx?
NETWORK\username DIRECT/205.188.149.56 text/html
  1165625308.937 133 192.168.47.112 TCP_DENIED/407 1772 GET
http://www.aol.com/ - NONE/- text/html
  1165625309.013 44 192.168.47.112 TCP_DENIED/407 1901 GET
http://www.aol.com/ - NONE/- text/html
  1165625309.469 14 127.0.0.1 TCP_DENIED/407 1772 GET
http://www.aol.com/ - NONE/- text/html
  1165625311.041 2027 192.168.47.112 TCP_MISS/200 41810 GET
http://www.aol.com/ NETWORK\username DIRECT/64.12.131.2 text/html
  1165625313.705 17 127.0.0.1 TCP_DENIED/407 1859 GET
http://www.awm1.net/awm/www.aol.com/main/0/i.png - NONE/- text/html
  1165625314.094 903 192.168.47.112 TCP_MISS/200 546 GET
http://www.awm1.net/awm/www.aol.com/main/0/i.png NETWORK\username
DIRECT/149.174.133.112 image/png
  1165625314.512 17 127.0.0.1 TCP_DENIED/407 1862 GET
http://www.awm1.net/awm/www.aol.com/main/10/i.png - NONE/- text/html
  1165625314.735 601 192.168.47.112 TCP_MISS/200 546 GET
http://www.awm1.net/awm/www.aol.com/main/10/i.png NETWORK\username
DIRECT/149.174.133.112 image/png
  1165625315.020 19 192.168.47.112 TCP_DENIED/407 1862 GET
http://www.awm1.net/awm/www.aol.com/main/20/i.png - NONE/- text/html
  1165625315.093 52 192.168.47.112 TCP_DENIED/407 1991 GET
http://www.awm1.net/awm/www.aol.com/main/20/i.png - NONE/- text/html
  1165625315.305 17 127.0.0.1 TCP_DENIED/407 1862 GET
http://www.awm1.net/awm/www.aol.com/main/20/i.png - NONE/- text/html
  1165625315.486 392 192.168.47.112 TCP_MISS/200 546 GET
http://www.awm1.net/awm/www.aol.com/main/20/i.png NETWORK\username
DIRECT/149.174.133.112 image/png
  1165625315.526 19 127.0.0.1 TCP_DENIED/407 1862 GET
http://www.awm1.net/awm/www.aol.com/main/30/i.png - NONE/- text/html
  1165625315.716 576 192.168.47.112 TCP_MISS/200 546 GET
http://www.awm1.net/awm/www.aol.com/main/30/i.png NETWORK\username
DIRECT/149.174.133.112 image/png
  1165625315.868 17 127.0.0.1 TCP_DENIED/407 1862 GET
http://www.awm1.net/awm/www.aol.com/main/40/i.png - NONE/- text/html
  1165625316.060 574 192.168.47.112 TCP_MISS/200 546 GET
http://www.awm1.net/awm/www.aol.com/main/40/i.png NETWORK\username
DIRECT/149.174.133.112 image/png
  1165625316.378 17 127.0.0.1 TCP_DENIED/407 1862 GET
http://www.awm1.net/awm/www.aol.com/main/50/i.png - NONE/- text/html
  1165625316.486 17 127.0.0.1 TCP_DENIED/407 1862 GET
http://www.awm1.net/awm/www.aol.com/main/60/i.png - NONE/- text/html
  1165625316.525 17 127.0.0.1 TCP_DENIED/407 1862 GET
http://www.awm1.net/awm/www.aol.com/main/70/i.png - NONE/- text/html
  1165625316.558 384 192.168.47.112 TCP_MISS/200 546 GET
http://www.awm1.net/awm/www.aol.com/main/50/i.png NETWORK\username
DIRECT/149.174.133.112 image/png
  1165625316.833 553 192.168.47.112 TCP_MISS/200 546 GET
http://www.awm1.net/awm/www.aol.com/main/60/i.png NETWORK\username
DIRECT/149.174.133.48 image/png
  1165625316.871 551 192.168.47.112 TCP_MISS/200 546 GET
http://www.awm1.net/awm/www.aol.com/main/70/i.png NETWORK\username
DIRECT/149.174.133.112 image/png
  1165625317.055 19 127.0.0.1 TCP_DENIED/407 1862 GET
http://www.awm1.net/awm/www.aol.com/main/80/i.png - NONE/- text/html
  1165625317.277 445 192.168.47.112 TCP_MISS/200 546 GET
http://www.awm1.net/awm/www.aol.com/main/80/i.png NETWORK\username
DIRECT/149.174.133.112 image/png
  1165625325.280 223 192.168.47.112 TCP_DENIED/407 1850 GET
http://eatps.web.aol.com:9000/open_web_adhoc? - NONE/- text/html
  1165625325.323 17 192.168.47.112 TCP_DENIED/407 1979 GET
http://eatps.web.aol.com:9000/open_web_adhoc? - NONE/- text/html
  1165625325.612 13 192.168.47.112 TCP_DENIED/407 1784 GET
http://webmail.aol.com/ - NONE/- text/html
  1165625325.658 42 192.168.47.112 TCP_DENIED/407 1913 GET
http://webmail.aol.com/ - NONE/- text/html
  1165625325.751 17 127.0.0.1 TCP_DENIED/407 1850 GET
http://eatps.web.aol.com:9000/open_web_adhoc? - NONE/- text/html
  1165625326.368 13 192.168.47.112 TCP_DENIED/407 1784 GET
http://webmail.aol.com/ - NONE/- text/html
  1165625326.384 14 192.168.47.112 TCP_DENIED/407 1913 GET
http://webmail.aol.com/ - NONE/- text/html
  1165625327.006 34 127.0.0.1 TCP_DENIED/407 1814 GET
http://registration.aol.com/mail? - NONE/- text/html
  1165625327.452 33 127.0.0.1 TCP_DENIED/407 1814 GET
http://registration.aol.com/mail? - NONE/- text/html
  1165625327.872 1470 192.168.47.112 TCP_MISS/302 879 GET
http://webmail.aol.com/ NETWORK\username DIRECT/64.12.168.119
text/html
  1165625328.726 34 127.0.0.1 TCP_DENIED/407 1814 GET
http://registration.aol.com/mail? - NONE/- text/html
  1165625328.969 1096 192.168.47.112 TCP_MISS/302 1071 GET
http://webmail.aol.com/_cqr/PortalCookieCheck.aspx? NETWORK\username
DIRECT/64.12.168.119 text/html
  1165625329.475 33 127.0.0.1 TCP_DENIED/407 1814 GET
http://registration.aol.com/mail? - NONE/- text/html
  1165625330.085 1116 192.168.47.112 TCP_MISS/200 8014 GET
http://registration.aol.com/mail? NETWORK\username DIRECT/64.12.129.11
text/html
  1165625330.227 306 192.168.47.112 TCP_DENIED/407 1901 GET
http://cdn.channel.aol.com/_media/registration/sns_landing.css -
NONE/- text/html
  1165625330.640 17 127.0.0.1 TCP_DENIED/407 1901 GET
http://cdn.channel.aol.com/_media/registration/sns_landing.css -
NONE/- text/html
  1165625331.021 794 192.168.47.112 TCP_MISS/200 3431 GET
http://cdn.channel.aol.com/_media/registration/sns_landing.css
NETWORK\username DIRECT/208.45.131.139 text/css
  1165625331.623 16 127.0.0.1 TCP_DENIED/407 1868 GET
http://my.screenname.aol.com/_cqr/login/jslogin.psp - NONE/- text/html
  1165625332.244 1222 192.168.47.112 TCP_MISS/200 14269 GET
http://my.screenname.aol.com/_cqr/login/jslogin.psp NETWORK\username
DIRECT/64.12.130.18 application/x-javascript
  1165625333.100 59 192.168.47.112 TCP_DENIED/407 1790 CONNECT
my.screenname.aol.com:443 - NONE/- text/html
  1165625333.238 90 192.168.47.112 TCP_DENIED/407 1919 CONNECT
my.screenname.aol.com:443 - NONE/- text/html
  1165625333.429 20 127.0.0.1 TCP_DENIED/407 1904 GET
http://webmail.aol.com/beacon/aol/en-us/BeaconLandingPage.html? -
NONE/- text/html
  1165625333.654 692 192.168.47.112 TCP_MISS/200 470 GET
http://webmail.aol.com/beacon/aol/en-us/BeaconLandingPage.html?
NETWORK\username DIRECT/64.12.168.119 text/html
  1165625335.215 1977 192.168.47.112 TCP_MISS/200 15767 CONNECT
my.screenname.aol.com:443 NETWORK\username DIRECT/64.12.131.18 -
  1165625405.187 11 192.168.47.112 TCP_DENIED/407 1790 CONNECT
my.screenname.aol.com:443 - NONE/- text/html
  1165625405.194 5 192.168.47.112 TCP_DENIED/407 1919 CONNECT
my.screenname.aol.com:443 - NONE/- text/html
  1165625406.147 953 192.168.47.112 TCP_MISS/200 9013 CONNECT
my.screenname.aol.com:443 NETWORK\username DIRECT/64.12.128.18 -
  1165625406.288 67 192.168.47.112 TCP_DENIED/407 1832 GET
http://registration.aol.com/_cqr/login? - NONE/- text/html
  1165625406.481 143 192.168.47.112 TCP_DENIED/407 1961 GET
http://registration.aol.com/_cqr/login? - NONE/- text/html
  1165625407.372 33 127.0.0.1 TCP_DENIED/407 1814 GET
http://registration.aol.com/mail? - NONE/- text/html
  1165625407.662 1179 192.168.47.112 TCP_MISS/403 278 GET
http://registration.aol.com/_cqr/login? NETWORK\username
DIRECT/64.12.129.11 -

If we run these requests through an ISA Server as a test then the
pages display properly. I am assuming that ISA is rewriting something
that causes the pages to display as planned.

We are running Squid 2.6.STABLE3 with integrated AD authentication.
Does anyone have any ideas what might be going on and have any ideas
for fixing this?

Regards,

Scott
Received on Fri Dec 08 2006 - 19:13:50 MST

This archive was generated by hypermail pre-2.1.9 : Mon Jan 01 2007 - 12:00:01 MST