Thanks amos !!
I think auth_schemes can be a workaround.
I will try it !
Le 21/09/2021 à 02:49, Amos Jeffries a
écrit :
On
21/09/21 11:49 am, David Touzeau wrote:
When edge, chrome and IE try to establish a session, Squid claim
2021/09/21 01:17:27 kid1| ERROR: Negotiate Authentication
validating user. Result: {result=BH, notes={message: received
type 1 NTLM token; }}
This let us understanding that these 3 browsers try NTLM instead
of a Basic Authentication.
I did not know why these browsers using NTLM as they did not
connected to the Windows domain
Unlike Kerberos, NTLM does not require the machine to be connected
to a domain to have credentials. AFAIK the browser still has
access to the localhost user credentials for use in NTLM. Or the
machine may even be trying to use the Basic auth credentials as LM
tokens with NTLM scheme.
Why squid never get the Basic
Authentication credentials. ?
That is a Browser decision. All Squid can do is offer the schemes
it supports and they have to choose which is used.
Did i miss something ?
With Squid-5 you can use the auth_schemes directive to workaround
issues like this.
<http://www.squid-cache.org/Versions/v5/cfgman/auth_schemes.html>
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
|
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
