Hi,
I tried to implement the IP based NTLM authentification cache patch. But
when i rebuild my squid, it doesn't apply it. Apparently, the patch try
to modify authentificate.c which doesn't exist. I only have
authentificate.cc which is really different.
Fred
Henrik Nordstrom wrote:
> tis 2009-07-21 klockan 14:18 +0200 skrev Frederic THOMAS:
>
>
>> On previous version we could use following settings (ntlm parameters on
>> 2.5 squid and i noticed they didnt exists after 2.6) :
>>
>> "max_challenge_reuses" number
>> "max_challenge_lifetime" timespan
>>
>
> These settings were removed as the technique is both fragile and
> completely incompatible with NTLMv2.
>
>
>> What similar option on squid 3 can be used to reduce authentication
>> traffic ? Is there any solution to avoid an authentification request to
>> each connection and have a possibility to reuse a token id ?
>>
>
> You can try enable Negotiate authentication. Uses much less 407
> handshakes.
>
> Or see into having the IP based authentication cache forward-ported to
> Squid-3.
>
> Or better yet, see too having Squid updated to support HTTP/1.1,
> enabling the use of chunked encoding squid->client, which drastically
> reduces the amount of new connections seen.
>
> Regards
> Henrik
>
>
>
>
Received on Thu Jul 23 2009 - 16:01:37 MDT
This archive was generated by hypermail 2.2.0 : Thu Jul 23 2009 - 12:00:04 MDT