Problem with NT Authentication

From: Leonardo Rodrigues <coelho@dont-contact.us>
Date: Wed, 22 Dec 1999 08:26:44 -0300

         People, I'm having some problems acessing some webpages with
squid. It seems that the page is hosted on a Windows NT, anonymous access
is denied, and the IIS is waiting encrypted passwords ( NTLM scheme, not
plain text ). Of course squid can't do NTLM, and nobody is getting throw
that page.

         Look what I get with Lynx configured to use squid:

Looking up secret.address.com.br first.
Looking up 10.32.8.117:8080. <- this is Squid
Making HTTP connection to 10.32.8.117:8080.
Sending HTTP request.
HTTP request sent; waiting for response.
Alert!: Invalid header 'WWW-Authenticate: NTLM'
Can't Access `http://secret.address.com.br/'
Alert!: Unable to access document.

         On Netscape and IE, the error is:

HTTP Error 401

401.2 Unauthorized: Logon Failed due to server configuration

This error indicates that the credentials passed to the server do not match
the credentials required to log on to the server. This is
usually caused by not sending the proper WWW-Authenticate header field.

Please contact the Web server's administrator to verify that you have
permission to access to requested resource.

         If I turn off Squid, Netscape and IE gives me a username and
password window, which is OK. Without Squid, I can access the page normally.

         I tried to use some ACLs ( src - ip address and dstdomain ) with
always_direct to allow my users to get throw that page without getting
throw Squid, but it doesn't work.

         Any ideas ? Any clues ? Any tips ? Anything ?
Received on Wed Dec 22 1999 - 03:40:38 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:50:05 MST