Andre Albsmeier wrote:
On Thu, 10-Sep-2009 at 14:55:23 -0400, Navjeet wrote:
We have been using squid in our development environment. Squid has
been forwarding all the internet bound traffic to a proxy server that
did not need any authentication until now. But that has changed now
and now we have use another proxy server that uses NTLM based
authentication. Now our servers in this development environment only
have local users (users logging in are not authenticated Windows AD).
Does the Squid NTLM authentication setup still work in this setup? Can
the NTLM setup be configured to use specified user (and password
hopefully encrypted ) that can be specified in some configuration
file. This is needed as many of our applications (Tomcat, ESB etc )
are headless (i mean not just a web browser) and they now need to go
thru this new proxy server.
If you want something like this:
no auth NTLM auth
clients -------> squid ---------> NTLM based proxy ---> world
I think this is not possible with squid. I worked around this
same problem with cntlm using:
no auth no auth NTLM auth
clients -------> squid -------> cntlm ---------> NTLM based proxy ---> world
cntlm runs on the same machine as squid does. However, I were
happy if the cntlm functionality could be brought into
squid one day...
Your wish is granted ;)
3.2 will have Kerberos login to cache_peer servers. The code is already
committed to the 3.HEAD alpha releases.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE7 or 3.0.STABLE19
Current Beta Squid 3.1.0.13
