On Tue, 9 Dec 2003 [EMAIL PROTECTED] wrote: > The intranet page uses NT credentials to automatically authenticate the > user. I enabled the always_direct option for the local servers but it looks > like this does not do what I expected it to do (always_direct means never > cache? My proxy is still in the middle of the connection). Is there > another option I can enable to pass the credentials through seemlessly or > even an option to tell the browser to connect to the intranet directly and > bypass the proxy (without having to configure this options on the client > side)?
If you want the browser to connect directly then this must be told to the browser. Once the browser has selected to use the proxy for the request all the proxy can do is to either forwrad the request or deny the request with an error. Most prefer having browsers configured to go direct to Intranet applications as there is usually no benefit from caching of these, and also for authentication/authorization reasons. The always_direct directive tells Squid that it can not use any cache_peer while forwarding this request. It is not related to caching or if the request is proxied via Squid or not. To control caching you use the no_cache directive. To control if the request is proxied via Squid or not you give correct information in the browsers proxy settings regarding what should be proxied or not. The use of a Proxy Autoconfig script is recommended for this purpose in complex environment. Regards Henrik
