-----Ursprüngliche Nachricht----- Von: Amos Jeffries <squid3@xxxxxxxxxxxxx> > > because it can not deal and should not deal with NTLM only kerberos. I > expected to have an automatically fallback to basic in this case but opera does > not! Why is that? > > You will have to ask Opera that one. Ok - thank you. So it's a client issue. > > If i force opera to disable NTLM - it uses basic auth and everybody is happy > in my dep. > > Can anyone please provide some deeper informations about that behavior? > > All Squid can do is advise the available auth mechanisms and/or that the > credentials given have failed. It's up to the client app to keep track > of what it has available and what is (or not) working. > > You could try the negotiate_wrapper Markus wrote. That permits the NTLM > and Kerberos GSSAPI mechanisms to both be negotiated via Negotiate auth. Well if i can not and do not handle NTLM - its useless - isn't it? Stefan
