Yes
Yes
Nothing?
I think that the problem comes from the fact that the browser has no
idea about what the authentication will be (if any) when it first makes
the request.
Once the server says "Whoa, Why should I let you in?", the browser knows
that it needs to engage in an authentication process.
I could be wrong but I am sure that a quick Google will get you a full
description of the process.
Ron
On 30/09/2013 2:58 PM, Hooman Valibeigi wrote:
Hi
I have successfully configured kerberos authentication in squid 3.1.10
using squid_kerb_auth helper and tested it in IE and Chrome on machine
joined to a Windows 2008 domain controller.
I took a look at squid's access.log and recognized that almost 40% of
the requests have failed on the first attempt with TCP_DENIED/407 and
succeeded on the second. It seems that the browser does not send the
authentication header for every new connection thus fails on 1st
attempt.
Is this something normal with kerberos?
Is this not how ntlm works?
What can I do about it?
--
Ron Wheeler
President
Artifact Software Inc
email: rwheeler@xxxxxxxxxxxxxxxxxxxxx
skype: ronaldmwheeler
phone: 866-970-2435, ext 102
