Hi again,
We can't get NTLM passthrough to work in our initial tests. This could
well be a problem with our ISA server set up (it's proved a bit
difficult to get a reliable configuration so far), but I have two concerns:
1. We need NTLM passthrough to pass credentials on to an upstream server
rather than to the end website (i.e. the --proxy-ntlm option in curl).
Is this supported?
2. Are there any compile-time configuration options I will need for this
to work? Do we need to compile any NTLM auth helpers?
Thanks for any help.
Steffan
Henrik Nordstrom wrote:
mån 2007-01-15 klockan 14:53 +0000 skrev Steffan Corley:
1. Is NTLM passthrough actually implemented?
Yes.
I can find nothing in the Squid documentation.
Hmm.. thoght we had a blurb about this in the release notes, apparently
not... I'll make sure there is one for the next release.
Does it do what I would need for this to actually work (i.e. maintain
a 1-1 mapping between client connections and connections to the
upstream proxy)?
You only need to do stuff if you don't want the feature.. (other than
upgrading)
2. Will the cached pages get served to different users without
checking whether the upstream ISA server would have blocked them for
this user?
If they are cacheable yes, or at least that's the intention. Have not
verified.
I.e. if user A visits www.dodgy.com and is not blocked by ISA server,
will www.dodgy.com be served from the cache to user B regardless of
whether the ISA server would have blocked them or not.
Probably, if the page was cacheable.
Regards
Henrik
