Thanks amos !!
I think auth_schemes can be a workaround.
I will try it !
Le 21/09/2021 à 02:49, Amos Jeffries a écrit :
On 21/09/21 11:49 am, David Touzeau wrote:
When edge, chrome and IE try to establish a session, Squid claim
2021/09/21 01:17:27 kid1| ERROR: Negotiate Authentication validating
user. Result: {result=BH, notes={message: received type 1 NTLM token; }}
This let us understanding that these 3 browsers try NTLM instead of a
Basic Authentication.
I did not know why these browsers using NTLM as they did not
connected to the Windows domain
Unlike Kerberos, NTLM does not require the machine to be connected to
a domain to have credentials. AFAIK the browser still has access to
the localhost user credentials for use in NTLM. Or the machine may
even be trying to use the Basic auth credentials as LM tokens with
NTLM scheme.
Why squid never get the Basic Authentication credentials. ?
That is a Browser decision. All Squid can do is offer the schemes it
supports and they have to choose which is used.
Did i miss something ?
With Squid-5 you can use the auth_schemes directive to workaround
issues like this.
<http://www.squid-cache.org/Versions/v5/cfgman/auth_schemes.html>
Amos
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users