On Tue, 2003-10-07 at 20:19, Wilshire, Andrew wrote:
> I've tried re-ordering my http_access statements on the parent (see snip of > squid.conf below) to allow the child cache before the proxy_auth acl, > however then the usernames don't show up in the log :(. I've tried running > fakeauth_auth from the command line, but either I don't know the syntax or > it's broken becuase I never seem to be able to get it to return an error > code. I'm kinda hoping it just goes "OK" with any syntax, as that's exactly > what I'm looking for (hence if this is the case my IE session should stop > prompting for password!) You can't daisy chain NTLM authentication - it's incompatible with the session based nature of NTLM. What you can do is use the *:secret approach in your peer definition, to have the child proxy log into the parent with the username and a known secret. Then you'll have the username in the parent. The downside? you'll probably need to disable all non child access to the parent. Cheers, Rob -- GPG key available at: <http://members.aardvark.net.au/lifeless/keys.txt>.
signature.asc
Description: This is a digitally signed message part
