G'day,

Squid-3.0 doesn't have the connection pinning support which proxying
NTLM requires.

I've deployed Squid-2.6 and Squid-2.7 in production at various
government / banking environments which use NTLM authenticated portal
sites to great success.



Adrian

2008/8/15  <[EMAIL PROTECTED]>:
> Greetings,
>
> An external IIS intranet site is accessed by some of our users.  The site
> requires authentication - possibly NTLM.  The users wanting access to the
> site are behind a squid proxy:
> Squid Cache: Version 3.0.STABLE7
> configure options:  '--prefix=/usr/local/squid'
>
> A previous version of squid (V2.6) which we were running popped up a
> username/password dialog box prompting for a username and password when
> this site was accessed.  I'm told that the authentication does work
> Squid Cache: Version 2.6.STABLE4-20061004
> configure options: '--enable-async-io' '--enable-poll' '--enable-gnuregex'
> '--sysconfdir=/global/proxy/etc' 'CC=gcc' 'CFLAGS=-O3'
>
> The user now does not get the authentication dialog - instead the message:
>
> You are not authorized to view this page
> You do not have permission to view this directory or page using the
> credentials that you supplied because your Web browser is sending a
> WWW-Authenticate header field that the Web server is not configured to
> accept.
> HTTP Error 401.2 - Unauthorized: Access is denied due to server
> configuration.
> Internet Information Services (IIS)
>
> I have checked the config options in squid.conf and none seem to indicate
> the difference between the two installations.
> A search has revelaled several posts similar to this but none mentions a
> solution.
>
> any assistance much appreciated.
> Tony
>
> ------------------------------------------------------------
> Tony Carter
> System Administrator
>
> NSW Department of Primary Industries
> Suite 5 Level 1 City Square
> 76 Harbour Dr
> Coffs Harbour  NSW  2450
>
> PO Box 530
> Coffs Harbour  NSW  2450
>
> Tel:  +61 2 6650 3120
> Fax:  +61 2 6651 2780
>
> [EMAIL PROTECTED]
> --------------------------------------------------------------
>
> This message is intended for the addressee named and may contain confidential 
> information. If you are not the intended recipient, please delete it and 
> notify the sender. Views expressed in this message are those of the 
> individual sender, and are not necessarily the views of their organisation.
>
>

Reply via email to