Solved

Squid 2.5 - ASPX Pages and NTLM Authentication.

Posted on 2004-10-19
2
1,358 Views
Last Modified: 2008-01-09
Hi All.

I'm running a Squid 2.5 Proxy server, on RH 9, authenticating against an NT domain, using Winbind.
I've got internal load balancing, running 4 squid processes, and assigning incoming requests via IPTABLES.
Everything is running smoothly, so far, other than 1 single .net webpage.
I can supply the page on request.
On this page, the users should be presented with a login prompt.
However, my users are presented with a HTTP 401.2 error, You are not authorized to view this page.
I've spoken to the web developers, and this page is attempting to authenticate through NTLM.

I've added this site to my trusted sites, but this makes no difference. I've had the developers run basic authentication, and I can then access the site, however, they are not willing to leave it as basic, for valid security reasons.

Can produce squid.conf or other information when requested.

Thanks for your help!



0
Comment
Question by:mvanryan
2 Comments
 
LVL 2

Accepted Solution

by:
methabhaya earned 400 total points
ID: 12421688

Hi,
 First of all there is an issue with SQUID and NTLM. Squid cannot cache those requests. To make this work you need to setup squid so that is bypass this site for caching. (Access lists., no_cache option)

Also if your site has specific IP addresses configured as valid clients then when you access it through squid the site get's the SQUID address and not the client machine address, so that might prevent it.

Another thing you could try is to redirect using iptables all traffic directed to this site away from the squid proxy.
0
 

Author Comment

by:mvanryan
ID: 12489068
Thanks, I acutally managed to convince the vendor to move to SSL, instead of using NTLM authentication.
I had previously tried adding the domain to the no-auth required list of sites, but this had not worked.
In any case the issue was resolved, and seeing you had the only comment.... Thanks :)
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now