Search squid archive

Re: NTLM Auth and not authenticated pages

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Chris,
Thanks, that pretty much cleared my doubt.



On Wed, Nov 26, 2008 at 6:33 PM, Chris Robertson <crobertson@xxxxxxx> wrote:
> Matias Chris wrote:
>>
>> Hello All,
>>
>> Im currently in the process of changing the way we authenticate users
>> from LDAP to NTLMSSP. Now we are in test phase and while ntlm auth is
>> working fine and allowing all users that are already logged to the AD
>> Domain to access the web without asking for their credentials, Im
>> seeing a lot of denied attempts at the log.
>> Is like for every page visited I have now two log entries, one is
>> denied, and the other one is allowed.
>>
>
> That's due to the design of NTLM.  See
> http://devel.squid-cache.org/ntlm/client_proxy_protocol.html
>
>> Is there any way to tweak squid to avoid doing this? AD DC is on the
>> same phisycal LAN.
>>
>
> I suppose you could refrain from logging 407 responses...
>
>> 1227614260.463      0 127.0.0.1 TCP_DENIED/407 2083 POST
>> http://mail.google.com/a/matiaschris.com.ar/channel/bind? - NONE/-
>> text/html
>> 1227614261.218    188 127.0.0.1 TCP_MISS/200 351 POST
>> http://mail.google.com/a/matiaschris.com.ar/channel/bind? mchrist
>> DIRECT/66.102.9.18 text/html
>>
>> Any help will be much appreciated. Thanks.
>>
>
> Chris
>

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux