one small change: acl javaNtlmFix browser -i java acl javaConnect method CONNECT header_access Proxy-Authenticate deny javaNtlmFix javaConnect header_replace Proxy-Authenticate Basic realm="Internet" now only https/ssl access from java will have basic auth and so a password dialog. normal http access will work with ntlm challenge response.
thanxs again markus >-----Ursprüngliche Nachricht----- >Von: Rietzler, Markus (Firma Rietzler Software / RZF) >Gesendet: Dienstag, 16. Oktober 2007 18:17 >An: 'Chris Robertson'; [email protected] >Betreff: AW: [squid-users] force basic NTLM-auth for certain >clients/urls > >thanxs for that hint - it worked as a fix > >i have addes this to my squid.conf > >acl javaNtlmFix browser -i java >header_access Proxy-Authenticate deny javaNtlmFix >header_replace Proxy-Authenticate Basic realm="Internet Access" > >now any java-client (java web start, java or applets in >browser) will only see the basic auth scheme. >a username/password dialog pops up and i have to enter my credentials. > >any other client (firefox, ie) still se both NTLM and Basic >scheme and use NTLM challenge response to authenticate... > >the little drawback is, that there is that little nasty dialog >but connection via proxy is working... > >thanxs > >markus >
