Re: [squid-users] NTLM and transparent/interception confusion

From: Guido Serassio <guido.serassio_at_acmeconsulting.it>
Date: Thu, 01 Jan 2009 11:00:12 +0100

Hi,

At 20.06 31/12/2008, Johnson, S wrote:
>I've been doing a lot of reading on this... I've got the proxy working
>in either of these two modes:
>1) As a browser configuration proxy
>2) with http_port 3128 transparent, in redirected mode
>
>I've got NTLM authentication working just fine with #1 above. However,
>with #2 I never get a password prompt. I don't really care about
>transparency; I just want to authenticate users that are outbound
>without having to configure their browser.
>
>I asked this question a couple of months back and there are people
>stating that they are doing the authentication with transparent mode.
>Some of the references I've found in my searches also seem to
>corroborate the possibility of this working (but it's not working for
>me). However, in the documentation it seems that this should not be
>possible. Am I barking up the wrong tree or is this truly possible?

You cannot.

Youa are mixing two very different and incompatible things:

- Transparent/intercepting proxy
- NTLM transparent (silent) authentication, also known as Windows
integrated authentication
http://wiki.squid-cache.org/SquidFaq/InterceptionProxy#head-e56904dd4dfe0e21e5c2903473c473d401533ac7

Regards and happy New Year

Guido

-
========================================================
Guido Serassio
Acme Consulting S.r.l. - Microsoft Certified Partner
Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY
Tel. : +39.011.9530135 Fax. : +39.011.9781115
Email: guido.serassio_at_acmeconsulting.it
WWW: http://www.acmeconsulting.it/
Received on Thu Jan 01 2009 - 10:00:41 MST

This archive was generated by hypermail 2.2.0 : Sat Jan 03 2009 - 12:00:01 MST