"Nikolaos Milas" <nmilas@xxxxxx> wrote in message news:4E7ACC03.7040005@xxxxxx... On 22/9/2011 2:35 Ãμ, Markus Moeller wrote:Did you follow the wiki http://wiki.squid-cache.org/ConfigExamples/Authenticate/Kerberos ? Did you use the -d option with squid_kerb_auth ?Many thanks Markus, I also discovered, after each authentication attempt from the browser, in squid cache.log the following errors: 2011/09/21 21:55:23| squid_kerb_auth: DEBUG: Got 'YR TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw==' from squid (length: 59). 2011/09/21 21:55:23| squid_kerb_auth: DEBUG: Decode 'TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw==' (decoded length: 40). 2011/09/21 21:55:23| squid_kerb_auth: WARNING: received type 1 NTLM token Does it help to pinpoint the problem?
A bit. Yor Kerberos setup seems not ro work as the client tries to use NTLM instead
Yes, I followed the directions posted there. Unfortunately, I found that these directions are missing many points and are focused on MS active directory integration (note: the -d option is not shown there as well).
Which points do you miss, so I can update the wiki ?
I also found on the Internet other useful directions like: http://klaubert.wordpress.com/2008/01/09/squid-kerberos-authentication-and-ldap-authorization-in-active-directory/ http://www.grolmsnet.de/kerbtut/ http://download.oracle.com/docs/cd/B19306_01/network.102/b14268/asokerb.htm http://www.howtoforge.com/debian-squeeze-squid-kerberos-ldap-authentication-active-directory-integration-and-cyfin-reporter ...which IMHO one has to combine creatively to make things work... Thanks again, Nick
<<attachment: smime.p7s>>
