Alan Lehman wrote:
The order in which our auth_param lines are configured can alter the
first authentication method tried. You will need to look at the
debugging trace in cache.log to see which is generating which
question
Amos
Only basic is enabled:
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
Do I need to select a program for basic?
found in cache.log:
2009/01/08 14:38:19.713| CacheManager::registerAction: registering
legacy basicauthenticator
2009/01/08 14:38:19.713| CacheManager::findAction: looking for action
basicauthenticator
2009/01/08 14:38:19.713| CacheManager::registerAction: registered
basicauthenticator
2009/01/08 14:41:22.010| CacheManager::registerAction: registering
legacy basicauthenticator
2009/01/08 14:41:22.010| CacheManager::registerAction: registered
basicauthenticator
The OWA web server has both basic and "Windows Integrated
Authentication" enabled. If I disable "windows integrated", OWA works
fine, but I need activesync also, which does not work without "windows
integrated" enabled.
Thanks,
Alan
Um, further on my other email.
Try some of the settings to disable pass-thru on the specific ports
and/or peer:
http://wiki.squid-cache.org/Features/ConnPin
My config pretty much follows the wiki example for OWA accelerator. Squid 3.1.0.3. I'm using the same port for OWA and Activesync. I just added connection-auth=off on https_port and removed all auth_param lines, and that took care of my problem.
Before I go recommending this as a general fix in 3.1, are BOTH of those
changes needed for it to work?
I know there are people using Squid+OWA in multi-mode who may need auth
for other things. Can we get away with just "connection-auth=off" on the
port?
Amos
--
Please be using
Current Stable Squid 2.7.STABLE5 or 3.0.STABLE11
Current Beta Squid 3.1.0.3
