On 25/07/2012 2:01 p.m., Eliezer Croitoru wrote:
On 7/24/2012 4:13 PM, Nicole Hähnel wrote:
Hi,

recently we are using Squid 3.1.20 on SLES11 SP1 to control the
webaccess in our Microsoft AD network.
There are some internal microsoft based websites like Sharepoint for
instance.
Without squid we can open these websites without renewed authentication
to the browser.
With squid (wpad file) we get a login box, but in spite of the right
credentials we won't be logged in.
All computers are authenticated to the AD, so squid has to pass through
the kerberos certificate.

Are there any hints on that?

Thanks!

Kind regards,
Nicole

what is the content of the WPAD script?
the access to the sharepoint and other internal server are through the squid server at all? do you see anything logged in the access.log file when you are trying to access the sharepoint page?

Eliezer


Sharepoint is on my little list of MS software which breaks HTTP when faced with Squid-3.1 slightly unique combination of HTTP/1.0 to clients and HTTP/1.1 to servers. It seems to have some keep-alive issues with Squid.

The workaround is to use Squid-3.2 where more of HTTP/1.1 is supported. Meanwhile, I'm looking for someone to help design and run a permutation series of test cases on Squid to ensure it emits the correct keep-alive/close value in both directions.

Amos

Reply via email to