Sorry, you are right. You need to acl ntlmauth proxy_auth REQUIRED http_access allow ntlmauth http_access deny all This is a very simplicistic configuration though, please check squid.conf.documented for a more security-sensitive setup. On Thu, Aug 19, 2010 at 5:46 PM, Tuan Nguyen <ug32tqn@xxxxxxxxxxxxxx> wrote: > If I make that change everything will be denied and nothing will be > passed to the NTLM authenticator. Thanks. > > On Thu, Aug 19, 2010 at 4:18 PM, Kinkie <gkinkie@xxxxxxxxx> wrote: >> On Thu, Aug 19, 2010 at 4:45 PM, Tuan Nguyen <ug32tqn@xxxxxxxxxxxxxx> wrote: >>> http://wiki.squid-cache.org/Features/Authentication#How_do_I_prevent_Login_Popups.3F >>> >>> I have followed the above instruction but still getting login popups. >>> Basically I'm trying to force "Access Denied" page displayed to >>> unauthenticated users instead of the popup. Any help would be much >>> appreciated. Thanks. >>> >>> squid.conf: >>> ... >>> acl ntlmauth proxy_auth REQUIRED >>> http_access deny ntlmauth all >> >> If you change this to >> http_access deny all >> >> users failing to successfully authenticate at the first attempt will >> get no login popups. >> They will still get login popups if: >> - the client is not joined to a domain >> - the client is configured not to attempt automatica authentication to the proxy >> - the clients is not MSIE or Firefox (not sure about other browsers) >> >> -- >> /kinkie >> > -- /kinkie
