>>>> I have problems with users connecting to websites on IIS servers not >>>> able to authenticate with user name and password. Some other user >>>> complains they cannot upload .NET. Will the chunked-encoding issue >>>> cause this? >>> On the authentication issue I tried changing log level to 9 for a >>> short time but it did not tell me much. Saw the POST when the >>> username and password was submitted but not much else. Its a IIS/6 >>> server with ASP.NET version 2. Looks to be using javascript to log >>> in. >>> >>> Any ideas what I can change on Squid to make it work? Its does this >>> both in transparent and non-transparent modes. I was hoping maybe >>> Squid v3 had some improvements that would make it work. >>> >> >> Interception 'transparent' mode ports do not even attempt to perform >> authentication. > > To clarify, interception/transparent proxy ports don't allow proxy > authentication. It should work just fine for authenticating to a web > server, be it via HTTP auth or a login form. > >> Though with most javascript methods HTTP authentication is >> not involved anyway. >> > > Given it's a form that's being POSTed, this doesn't sound like HTTP auth in > any case. > >> Making sure the interception and direct-proxy listening ports are >> different should fix it for most users. If the code itself is failing on a >> side-band authentication there is nothing you can do to fix it in squid. >> Only the sites webmaster can fix those. >> > > Unless Squid is configured to block some important header, or forced to > cache pages that are marked private, or... > > A look at your squid.conf (without comments) might give the list members a > better opportunity to help. My squid.conf is below. I am only trying to proxy and cache http and my cache is only really secured by the source IP address. Any ideas would be appreciated. Squid2.6stable20 was built like so. ./configure --enable-linux-netfilter --enable-storeio=ufs,aufs Matt http_port 8086 transparent hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? cache deny QUERY acl apache rep_header Server ^Apache broken_vary_encoding allow apache maximum_object_size 65536 KB cache_dir aufs /usr/local/squid/var/cache 96000 16 256 access_log /usr/local/squid/var/logs/access.log squid refresh_pattern ^ftp:144020%10080 refresh_pattern ^gopher:14400%1440 refresh_pattern .020%4320 acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports acl our_networks src x.x.x.0/24 x.x.x.0/24 http_access allow our_networks http_access deny all http_reply_access allow all icp_access allow all tcp_outgoing_address x.x.10.2 all cache_mgr support@xxxx cache_effective_user squid cache_effective_group squid visible_hostname proxy.xxxx
