Thanks Henrik,
We're working with someone from Microsoft platform support so I'll let you know if anything comes of this.
Mark
At 03:29 PM 4/4/2005, Henrik Nordstrom wrote:
On Mon, 4 Apr 2005, Mark Krawec wrote:
Our configuration is squid-2.5.STABLE7 using squid_ldap_auth on RH 7.3. Our browser is IE 6.0 SP1 and users are running W2k. The problem is our users are getting an "invalid URL" error page from Squid when they go to a secure site as their first destination.
This is a bug in MSIE 6 (several versions) where it forgets to enable SSL when asking for authentication.
IIRC you can work around the problem by disabling persistent connections. Unfortunately incompatible with NTLM authentication.
I've never seen a definitive answer on why this was happening and what was at fault (IE or Squid).
It is clearly IE at fault here. IMHO it is even an MSIE security issue (not only a plain bug) as MSIE forgets to encrypt the request, which is supposed to have been securely encrypted and never visible in plain text to third parties like the proxy..
Regards Henrik
-- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.9.1 - Release Date: 4/1/2005
Mark Krawec mark@xxxxxxxxxxxxx | http://www.krawecnet.com
"Earth First" (We'll strip mine the other planets later)
-- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.9.1 - Release Date: 4/1/2005