Comment #8 on issue 8325 by [email protected]: NTLM authentication to a proxy doesn't work if Privoxy sits in between http://code.google.com/p/chromium/issues/detail?id=8325
igitur: Thanks for confirming BASIC auth is used by Firefox and current DEV release (2.0.166.1). I'd still like to find out why Firefox selects BASIC over NTLM. When a server/proxy accepts multiple auth schemes, Chromium selects the auth scheme with the highest score: - BASIC: 1 - DIGEST: 2 - NTLM: 3 - Negotiate: 4 (proposed, not yet implemented) This is why Chromium selects NTLM over BASIC. The BASIC auth scheme has the lowest score because it sends the username/password unencrypted to the proxy. Now, a server/proxy could indicate its preference by listing the auth schemes from most favorable to least favorable. MSDN documents that "WinINet chooses the first method it recognizes." http://msdn.microsoft.com/en-us/library/aa384220(VS.85).aspx (WinINet is Internet Explorer's HTTP library.) I don't know what criteria Firefox uses. It would be nice to find out using Wireshark the order in which your company proxy lists BASIC and NTLM in the "Proxy-Authenticate" response headers. If you can't get that info using Wireshark, we could add temporary logging code to Chromium for you to get that info. In comment 5 you said IE8b2 doesn't work through Privoxy 3.0.11 at all. Does IE work through Privoxy 3.0.10? -- You received this message because you are listed in the owner or CC fields of this issue, or because you starred this issue. You may adjust your issue notification preferences at: http://code.google.com/hosting/settings --~--~---------~--~----~------------~-------~--~----~ Automated mail from issue updates at http://crbug.com/ Subscription options: http://groups.google.com/group/chromium-bugs -~----------~----~----~----~------~----~------~--~---
