On 26/04/2014 4:32 a.m., Walter H. wrote: > On 25.04.2014 17:12, Amos Jeffries wrote: >> On 26/04/2014 3:02 a.m., Walter H. wrote: >>> Hello, >>> >>> can someone please tell me, what my my cache_peer line must look like, >>> in order to authenticate with an active directory user on the parent >>> proxy? >> Using what type of authentication? >> >> Squid supports Negotiate/Kerberos and Basic >> >> Amos >> > Negotiate/Kerberos is the type of authentication; > > Thanks, > Walter > Then either: " login=NEGOTIATE " to login using the local proxies credentials. or, " login=PASSTHRU " to pass-thru the clients credentials untouched. The connection-auth=on setting should be optional, but if just using PASSTHRU does not work you may need to set it on both cache_peer and http_port lines. NOTE: there is no "relay" in HTTP. Each "hop" (proxy) logs into its parent(s) using its own credentials. We get away with PASSTHRU only when there is no interferrence in authentication by the local proxy. Amos
