Markus.Rietzler@xxxxxxxxxxxxxx wrote:
we are running squid 2.6stable16 with ntlm auth. we use winbind to
support challenge response auth so that there is no user interaction or
password dialog popup.
is it possible to force basic auth - so that no ntlm-auth is used or
tried before - for certain clients (eg acl javavm browser java) or urls?
proxy-auth uses settings from auth_param but you can't define which
auth-schema being used, right?
Right.
markus
Perhaps it would be possible to use "header_access Proxy-Authenticate
deny java" and "header_replace" in a creative fashion to not tell the
java browser that NTLM is an authentication option. Given sufficient
free time, it would certainly be fun to tinker at...
http://www.squid-cache.org/Versions/v2/2.6/cfgman/header_access.html
http://www.squid-cache.org/Versions/v2/2.6/cfgman/header_replace.html
Chris
