• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1409
  • Last Modified:

Squid 2.5 - ASPX Pages and NTLM Authentication.

Hi All.

I'm running a Squid 2.5 Proxy server, on RH 9, authenticating against an NT domain, using Winbind.
I've got internal load balancing, running 4 squid processes, and assigning incoming requests via IPTABLES.
Everything is running smoothly, so far, other than 1 single .net webpage.
I can supply the page on request.
On this page, the users should be presented with a login prompt.
However, my users are presented with a HTTP 401.2 error, You are not authorized to view this page.
I've spoken to the web developers, and this page is attempting to authenticate through NTLM.

I've added this site to my trusted sites, but this makes no difference. I've had the developers run basic authentication, and I can then access the site, however, they are not willing to leave it as basic, for valid security reasons.

Can produce squid.conf or other information when requested.

Thanks for your help!



0
mvanryan
Asked:
mvanryan
1 Solution
 
methabhayaCommented:

Hi,
 First of all there is an issue with SQUID and NTLM. Squid cannot cache those requests. To make this work you need to setup squid so that is bypass this site for caching. (Access lists., no_cache option)

Also if your site has specific IP addresses configured as valid clients then when you access it through squid the site get's the SQUID address and not the client machine address, so that might prevent it.

Another thing you could try is to redirect using iptables all traffic directed to this site away from the squid proxy.
0
 
mvanryanAuthor Commented:
Thanks, I acutally managed to convince the vendor to move to SSL, instead of using NTLM authentication.
I had previously tried adding the domain to the no-auth required list of sites, but this had not worked.
In any case the issue was resolved, and seeing you had the only comment.... Thanks :)
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now