Hi Daniel,
You need to check your client when you get an NTLM token instead of a
Kerberos token. It means the client can not get the HTTP/<fqdn> token for
for squid proxy. You can check this with tools like wireshark ( Check
communication on port 88).
Regards
Markus
"Daniel Reif" wrote in message
news:CAA0zFtycEvC97TzFKXgw8RfL0FAJ-z6HtomU5TtyD5Nzj5pzmA_at_mail.gmail.com...
Hello guys,
I'm having problems when trying to authenticate using squid squid_kerb_auth.
In access.log only denies the request and the browser keeps requesting
credentials.
In cache.log get the following in return:
08/13/2014 16:58:27 kid1 | ERROR: Negotiate Authentication validating user.
Result: {result = BH, notes = {message: received type 1 NTLM token; }}
Has anyone faced this problem?
This is the lines on my squid.conf
*auth_param negotiate program /app/squid/libexec/squid_kerb_authauth_param
negotiate children 10auth_param negotiate keep_alive onacl authenticated
proxy_auth REQUIREDhttp_access allow authenticated*
keytab files is /app/squid/etc/HTTP.keytab
I already ran the kinit command
Att
Daniel William Reif
Received on Fri Aug 15 2014 - 11:11:34 MDT
This archive was generated by hypermail 2.2.0 : Fri Aug 15 2014 - 12:00:05 MDT