Re: [squid-users] NTLM through proxy server?
On fre, 2007-08-31 at 14:21 -0300, Diego Woitasen wrote: ey, It's working with connection pinning of Squid-2.6 :) Yes, it should. But it's not making pretty things to the internals of Squid.. and nor is the commonly deployed browser behaving in any sane manner.. Regards Henrik signature.asc Description: This is a digitally signed message part
Re: [squid-users] NTLM through proxy server?
On fre, 2007-08-24 at 21:23 -0300, Diego Woitasen wrote: ok, is protocol specific, but I read the protocol and I can't undertand why. The Client and the Server need to see themselves? Or Is a conexion multiplexation problem in the proxy? HTTP is message oriented, based on self-contained messages being passed over unspecified transports, with transports being hop-by-hop (i.e. browser-proxy and proxy-server is independent transports). NTLM is connection oriented, based on connection state. Only masqueraded to look like an HTTP authentication scheme, not at all acting as one. Thus proxying of NTLM requires the proxy to 1. Detect that the NTLM scheme is being used. 2. Then make a strict association between client connection and server connection 3. and also remember that requests seen on this client connection is using authentication even if the messages themselves do not contain any authentication related information at all. Which is quite different from how an HTTP proxy normally operates. Regards Henrik signature.asc Description: This is a digitally signed message part
Re: [squid-users] NTLM through proxy server?
On tor, 2007-08-23 at 14:44 -0800, Chris Robertson wrote: From my understanding the limitation was protocol specific (NTLM auth violated the HTTP spec), but workarounds were added to Squid 2.6. Correct. Regards Henrik signature.asc Description: This is a digitally signed message part
[squid-users] NTLM through proxy server?
I read a mail of five years ago saying that NTLM auth. can't pass through a proxy server. Is this limitation protocol specific or is a Squid problem? If it a squid problem then is working now? regards, diegows -- --- Diego Woitasen ---
Re: [squid-users] NTLM through proxy server?
Diego Woitasen wrote: I read a mail of five years ago saying that NTLM auth. can't pass through a proxy server. Is this limitation protocol specific or is a Squid problem? If it a squid problem then is working now? regards, diegows From my understanding the limitation was protocol specific (NTLM auth violated the HTTP spec), but workarounds were added to Squid 2.6. Chris