Search squid archive

RE: Unable to login to website when accessed via squid

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I went ahead a filed a report bug: 2190 for those interested.

I wish I could provide some more data.  Does anyone know of any software
out there that could perform a transparent MITM on an SSL session so I
could effectively look at the HTTP headers? 

-----Original Message-----
From: Adrian Chadd [mailto:adrian@xxxxxxxxxxxxxxx] 
Sent: Tuesday, January 15, 2008 12:41 PM
To: Aaron Allen
Cc: squid-users@xxxxxxxxxxxxxxx
Subject: Re:  Unable to login to website when accessed via
squid

On Tue, Jan 15, 2008, Aaron Allen wrote:
> As a test, I passed our squid proxy data up to Paros web proxy.
Effectively doing a MITM attack on our SSL data so I could see the HTTP
headers.  Interestingly, when I do this, I am able to login to the site.
Obviously I don't see anything unusual in the HTTP headers as everything
loads fine.  But, once I take Paros out of the mix the problem starts
again.
> 
> I am completely out of ideas at this point.  Has anyone else
experienced anything similar?

:) Have you filed a bugzilla report with the relevant information?



Adrian

> 
> -----Original Message-----
> From: Rob Hutton [mailto:rob@xxxxxxxxxxxx] 
> Sent: Monday, January 14, 2008 2:48 PM
> To: squid-users@xxxxxxxxxxxxxxx
> Cc: Aaron Allen
> Subject: Re:  Unable to login to website when accessed
via squid
> 
> We ran into this before with a site that on login was responding to a
post, 
> with a query variable that contained the session ID, with a redirect.
I 
> don't remember what the differences in behavior were, but they were
obvious 
> once we did some packet capturing and compared the two conversations.
> 
> It turned out, the site was doing something strange that did not break
with 
> the browser, but squid didn't like it.  If I remember right, the
redirect did 
> not contain the query string, but the browser would send it to the new
url 
> with the subsequent request while squid redirected to the new location
sans 
> the query string.
> 
> Thanks,
> Rob
> 
> Rob Hutton
> Service Manager
> GetUWired
> www.getuwired.us
> (877) 236-9094
> 
> 
> On Monday 14 January 2008 12:06:47 Aaron Allen wrote:
> > I have exhausted all my ideas on this one, so I am coming to you all
for
> > new ones.
> >
> > I am currently running Squid+Dansguardian as an explicit proxy on
our
> > network.? All traffic is passed through the proxy (including SSL
using
> > CONNECT) after NTLM authentication with squid.
> >
> > There is one website that our users are unable to login to when
accessing
> > the site via the proxy (if I manually bypass the proxy, the login
works
> > perfectly every time).? I have also bypassed Dansguardian and the
problem
> > is still present when just using Squid as the proxy.
> >
> > As a note, the entire site is SSLed, so all the data is done via
CONNECT.
> >
> > The site uses a web based login form.? When the login form is
submitted the
> > browser receives a "302 - Moved Temporarily" status from the server
> > redirecting it to the welcome page of the site (and passing along
the login
> > credentials).? However, whenever the site is accessed via the proxy,
the
> > welcome page returns an additional "302 - Moved Temporarily" status
> > redirecting the user back to the original login form.
> >
> > My first inclination is that it was a problem with the way this
particular
> > site was setup.? I have contacted the owners of the site and they
are
> > unaware of any problems and don't know why we would be getting
redirected
> > back to the original login page.? Additionally, is there any reason
that
> > the HTTPS request coming from the web browser via squid would look
any
> > different to the web server than the request that is not passed
through
> > squid?
> >
> > Of course I've checked log files and don't see anything unusual or
anything
> > being DENIED.
> >
> > I am running out of ideas, so if anyone has any pointers, I would
love to
> > hear them.
> >
> > Thanks!
> > Aaron
> 

-- 
- Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid
Support -
- $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux