On Mon, 13 Oct 2003, Ilya wrote: > Then how does squid define whether a current http-request > belongs to an authorized user or not?
By the NTLM-over-HTTP authentication state of the client connection. > In HTTP authentication > scheme each http-request contains username|password, which > help squid (or authentication helper) to identify user. Correct. NTLM-over-HTTP is slightly different. See http://devel.squid-cache.org/ntlm/ and the references from there for more details if you want to know what happens under the hood. If not it is sufficient to know that the client authenticates the connection to Squid using NTLM/Lanman authentication method and from this Squid knows the users login name. Regards Henrik
