Am Sonntag, 11. Juli 2010 schrieb Amos Jeffries: > Werner Opriel wrote: > > We are using a debian-Package of Squid 2.7 Stable3 on a Debian Lenny > > machine with ncsa-auth configured, acting as a central Internet-Proxy. > > > > All Users/Passwords are stored in /etc/squid/passwd on localhost and only > > authenticated users are allowed to surf on sites outside the intranet. > > There are no problems with authentication so far. > > > > But we have a problem playing videos from the side http://www.wdr.de, > > they do provide media-streams based on flash, for example: > > http://www.wdr.de/mediathek/html/regional/2009/07/30/aktuelle-stunde-kuen > >digung.xml > > > > Those pages can be accessed without problems and the starting picture of > > the video is displayed. When we try to play the video we are receiving > > "network error" and "file not found" within the flasharea-window after a > > few seconds. There is no problem playing an audio stream from this site > > or flash-videos for example from youtube.com or golem.de > > > > Our Clients, always with flashplugin installed: > > Firefox 3.5 (Win), Firefox 3.6 (Linux) and Chrome (Linux) . > > > > In the access.log we can see an authenticated user "test" surfin on > > www.wdr.de. > > When starting the video it would seem that he lost his authentication > > information and then ends in tcp-denied/407. > > When disabling NCSA-AUTH in squid, we can play the videos without any > > problems. > > <snip> > > It's clear the flash player is making it's own background HTTP requests > and not sending credentials. This is a flash player problem. > > You have a choice of putting up with it or letting the player through > your Squid without authentication. The headers you log show a few things > like User-Agent, source website and Content-Type you could match on to > identify its requests. Thanks Amos. But can you give me a hint how i have to configure squid for letting the flashplayer through it without authentication?
