Re: [squid-users] Fixed Auth for cache_peer for anonymous ssrs

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 17 Mar 2011 00:13:33 +1300

On 16/03/11 21:36, Bleiker Gregory wrote:
> Hi
>
> I'm trying to set up squid so I can use it with MS Reporting Server
> (SSRS). The ssrs site has ms windows authentication (NTLM) enabled, as
> some reports need to be protected. Some however are "public". For these
> it is still required to log in. I would like to configure squid in such
> a way that if you call the ssrs site over squid (with the squid port
> number in the url) then it should always use some fixed credentials for
> the backend which I would specify in the squid.conf.
>
> I have tried to do this with
>
> cache_peer myssrs.mydomain.local parent 80 3120 no-query originserver
> name=3DmyAccel login=3Dmyuser_at_mydomain:mypassword
>
> but the user is still always asked to give his credentials.
>
> Is it possible to configure squid so that no username is asked and that
> the backend is always presented some fixed credentials?

Not for NTLM. Squid can only sends Basic auth credentials to peers.

The 3.2 beta releases can do Negotiate/Kerberos to peers which may be
supported by that system.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.11
   Beta testers wanted for 3.2.0.5
Received on Wed Mar 16 2011 - 11:13:40 MDT

This archive was generated by hypermail 2.2.0 : Thu Mar 17 2011 - 12:00:03 MDT