allan, did you configured firefoxwith the proxy fqdn squidsrv.example.com? you're testing IE and firefox on the same client machine, right? On Fri, Oct 25, 2013 at 1:49 PM, Markus Moeller <huaraz@xxxxxxxxxxxxxxxx> wrote: > Hi Allan, > > Before you see the Basic Auth does squid send a 407 with a list of auth > method in the header ? If not it looks like a bug in firefox. > > Markus > > "Allan Carvalho" wrote in message > news:BLU0-SMTP460D779A1F2EE168328E510D10D0@xxxxxxx... > > > Hi Markus, > > Thanks for the reply, Wireshark shows me de negotiate exchange done > correctly (GSS-API > Kerberos > Ticket > Realm > Server name), in both > (IE and Firefox), suddenly, a package shows the basic authentication > (Firefox), but i did not recognize why, the only difference I found was > in the field Cookie. > IE: Cookie: __utma=(...); __utmz=(...); EZCLIENT=(...) > Firefox: Cookie: EZCLIENT=(...) > > Firefox doesn't have the __utma and __utmz, would that be the problem? > > Regards > Allan Carvalho > > Em 24/10/2013 19:02, Markus Moeller escreveu: >> >> Hi Allan, >> >> Can you take a capture of the traffic from your client to squid with >> wireshark ? Look at port 3128 (squid proxy port) traffic and in the >> details you can see the negotiate exchange. Can you compare what you >> see with IE and firefox ? Wireshark allows you to expand into the >> Negotiate details where you should see some unencrypted details (e.g. >> HTTP/squidsrv.example.com) >> >> They should look the same for IE and Firefox. >> >> Regards >> Markus > > >
