I have exhausted all my ideas on this one, so I am coming to you all for new ones.
I am currently running Squid+Dansguardian as an explicit proxy on our network. All traffic is passed through the proxy (including SSL using CONNECT) after NTLM authentication with squid. There is one website that our users are unable to login to when accessing the site via the proxy (if I manually bypass the proxy, the login works perfectly every time). I have also bypassed Dansguardian and the problem is still present when just using Squid as the proxy. As a note, the entire site is SSLed, so all the data is done via CONNECT. The site uses a web based login form. When the login form is submitted the browser receives a "302 - Moved Temporarily" status from the server redirecting it to the welcome page of the site (and passing along the login credentials). However, whenever the site is accessed via the proxy, the welcome page returns an additional "302 - Moved Temporarily" status redirecting the user back to the original login form. My first inclination is that it was a problem with the way this particular site was setup. I have contacted the owners of the site and they are unaware of any problems and don't know why we would be getting redirected back to the original login page. Additionally, is there any reason that the HTTPS request coming from the web browser via squid would look any different to the web server than the request that is not passed through squid? Of course I've checked log files and don't see anything unusual or anything being DENIED. I am running out of ideas, so if anyone has any pointers, I would love to hear them. Thanks! Aaron
