Could you try to get a network trace of a successfully authenticated http transaction? I would love to see how they do it... Thanks! On 1/2/09, Johnson, S <sjohnson@xxxxxxxxxxxxxxx> wrote: > That's too bad... I've set up numerous Bluecoat proxies and they do > have this capability. But of course, you're paying about $50k usd / > box. > > -----Original Message----- > From: Guido Serassio [mailto:guido.serassio@xxxxxxxxxxxxxxxxx] > Sent: Thursday, January 01, 2009 4:00 AM > To: Johnson, S; squid-users@xxxxxxxxxxxxxxx > Subject: Re: NTLM and transparent/interception confusion > > Hi, > > At 20.06 31/12/2008, Johnson, S wrote: >>I've been doing a lot of reading on this... I've got the proxy working >>in either of these two modes: >>1) As a browser configuration proxy >>2) with http_port 3128 transparent, in redirected mode >> >>I've got NTLM authentication working just fine with #1 above. However, >>with #2 I never get a password prompt. I don't really care about >>transparency; I just want to authenticate users that are outbound >>without having to configure their browser. >> >>I asked this question a couple of months back and there are people >>stating that they are doing the authentication with transparent mode. >>Some of the references I've found in my searches also seem to >>corroborate the possibility of this working (but it's not working for >>me). However, in the documentation it seems that this should not be >>possible. Am I barking up the wrong tree or is this truly possible? > > You cannot. > > Youa are mixing two very different and incompatible things: > > - Transparent/intercepting proxy > - NTLM transparent (silent) authentication, also known as Windows > integrated authentication > http://wiki.squid-cache.org/SquidFaq/InterceptionProxy#head-e56904dd4dfe > 0e21e5c2903473c473d401533ac7 > > Regards and happy New Year > > Guido > > > > - > ======================================================== > Guido Serassio > Acme Consulting S.r.l. - Microsoft Certified Partner > Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY > Tel. : +39.011.9530135 Fax. : +39.011.9781115 > Email: guido.serassio@xxxxxxxxxxxxxxxxx > WWW: http://www.acmeconsulting.it/ > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > -- /kinkie
