On Mon, 2009-02-02 at 13:48 -0200, Henrique Machado wrote: > Morning, > > For quite some time I´ve wondered about something. > Certain applications worked perfectly with Squid in the past. > But, since we´ve integrated it with Active Directory (NTLM auth) some > applications just don´t work anymore, even if they do have > "authenticated proxy support". > What I´ve noticed about NTLM authentication with Squid is: > > 1) Application sends HTTP request (Firefox or IE, for instance) > 2) Squid receives the request and then returns HTTP code 407 to the > client (Proxy Authentication Required) > 3) The application receives the 407 code and asks the user for > authentication input (the browsers use the current logged user > credentials if inside an Active Directory domain) > 4) The application sends the authentication info > 5) Squid receives it, checks it and then does its work > > But, some applications, APT being a very simple example (and one of my > headaches) can´t ask for an input. And even configuring it to send > user´s credentials doesn´t seen to work (Squid keeps replying with > 407). Apt does not support NTLM; you need to configure 'basic' authentication as well as NTLM in squid. Cheers, Rob
Attachment:
signature.asc
Description: This is a digitally signed message part
