Hi Neil,
At 12.08 20/07/2005, Neil A. Hillard wrote:
Hi,
some of my users are having a problem accessing a site that
uses NTLM authentication, through our forward proxy (non intercepting).
I am fully aware of the problems with NTLM on web servers and have
pointed this out to webmaster of that site and although they have a
plan to change to Basic auth and SSL they haven't given any
timescales. Meanwhile our user needs to access the site. Our policy
says that all access should be via the proxy so we can't let them
out directly through the firewall.
What is strange is that squid (2.5-stable10) appears to be dropping
the 'WWW-Authenticate' header.
This is not strange: It' happens by design. NTLM must be NOT used
with proxy for security reasons:
http://www.squid-cache.org/mail-archive/squid-dev/200507/0066.html
Regards
Guido
-
========================================================
Guido Serassio
Acme Consulting S.r.l. - Microsoft Certified Partner
Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY
Tel. : +39.011.9530135 Fax. : +39.011.9781115
Email: guido.serassio@xxxxxxxxxxxxxxxxx
WWW: http://www.acmeconsulting.it/
