Hi All,
Please bear with me,
I have been successfully using squid2.5 as an (http) reverse proxy for the last couple of years. One application is Domino Web Access, which required a user to then POST login credentials to Domino. The other was is an asp website, that requires integrated windows authentication. These reverse proxies used winbindd to initially authenticate users off an NT4 password server, then pass to these apps. The asp application was displayed immediately, as I presume IE used the same credential as the initial squid authentication, to then pass onto the app.
After upgrading to Squid 3.0-PRE3 and SSL, I have been having problems with the ASP application proxy. The Domino Web App proxy is working very well.
The two config files are very similar, differing only on the cache_peer and http_port (for crt info) lines. The symptoms of the ASP issue are, that after I authenticate successfully to squid/winbindd, I am prompted with the old three field NTLM Ruth box. Username, password and domain box.
Auth is using winbindd below:
## Set up auth_param. Src was built with --enable-auth="basic"
auth_param basic program /usr/local/samba/bin/ntlm_auth \ --helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm UCM Secure Domino Web Access
auth_param basic credentialsttl 2 hours
Any ideas, really stuck with this one? Unfortunately I have no control over the asp application, and it does require Integrated authentication.. Squid logs seem to be normal.
Andrew -- Andrew McKinney
