Search squid archive

Problem with Https and NTLM on AD domain

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dear all:

  I have a problem with HTTPS and NTLM authenticate on the original server.

 The web server is using microsoft iis and using "integrated windows
authentication" with AD domain and with https.


 My test squid version is 3.1.4 on Redhat AS 5  and web server is
Microsoft 2003 Enterprise.


 Using squid, only NTLM is ok when protocol is http. but failed on https.

I decrypted the packet on wireshark, and found out that the Domain
name, User name and Host name is truncated to one word,
such as :
 the packet from client to squid is "GET / HTTP/1.1, NTLMSSP_AUTH,
User:192.168.0.3\jack"
 the packet from squid to web server became "GET / HTTP/1.1,
NTLMSSP_AUTH, User:1\j"

I'm not sure it is reated. because after i login with "A\j", it also
couldn't login in successfully.

when running squid with "-Nd1", some special message outputed , and I
also couldn't understood it's means.
"fwdNegotiateSSL: Error negotiating SSL connection on FD 10:
error:00000000:lib(0):func(0):reason(0) (5/0/0)
 TCP connection to 192.168.0.3/443 failed
"

I also tried with TPROXY mode, it also failed.

I'm looking forward to your reply.


Yours sincerely



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux