Search squid archive

Re: NTLM through proxy server?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On fre, 2007-08-24 at 21:23 -0300, Diego Woitasen wrote:

> ok, is protocol specific, but I read the protocol and I can't
> undertand why. The Client and the Server need to see themselves? Or Is
> a  conexion multiplexation problem in the proxy?


HTTP is message oriented, based on self-contained messages being passed
over unspecified transports, with transports being hop-by-hop (i.e.
browser<->proxy and proxy<->server is independent transports).

NTLM is connection oriented, based on connection state. Only masqueraded
to look like an HTTP authentication scheme, not at all acting as one.

Thus proxying of NTLM requires the proxy to
1. Detect that the NTLM scheme is being used.
2. Then make a strict association between client connection and server
connection
3. and also remember that requests seen on this client connection is
using authentication even if the messages themselves do not contain any
authentication related information at all.

Which is quite different from how an HTTP proxy normally operates.

Regards
Henrik

Attachment: signature.asc
Description: This is a digitally signed message part


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux