[squid-users] ntlm_auth problems from Tomas Palfi on 2002-05-17 (squid-users)

From: Tomas Palfi <tpalfi@dont-contact.us>
Date: Fri, 17 May 2002 16:37:36 +0100

all,

correct, i didn't express myself at all in my previous mail - i'll try
again! the complete scenario is as follows:

using squid-2.5PRE7 on sun solaris 8 with compiled ntlm_auth, the config
options that i used are as follows:
./configure --enable-async-io --enable-icmp --enable-delay-pools
-enable-auth=ntlm,basic everything installed corrrectly. then i installed
MSNT and NTLMSSP helpers

in my squid.conf file i have the following

auth_param ntlm program /usr/local/squid/libexec/ntlm_auth
centrix_uk/dell_serv_6
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes

i did not configure any of the basic authentication options in squid.conf
despite the fact that i compiled it and the helper as well. please notice
the underscores in the domain_uk/PDC_6

acl mynet src 192.168.0.0/255.255.0.0
acl passwd proxy_auth REQUIRED

http_access allow mynet password
http_access deny all

the following are the messages i get from /var/adm/messages on the box
May 17 08:47:31 phoenixweb squid[2774]: [ID 702911 user.alert]
authenticateNTLMHandleReply: called with no result string

and from squid itself from the /usr/local/squid/var/logs/access.log

1021029500.564 5 160.60.224.207 TCP_DENIED/403 1134 GET
http://www.microwar
ehouse.co.uk/images/products/e367503.gif - NONE/- text/html

these two error messages may not be related and generated at the same time.
the result after i have configured and tried a browser on NT client is 'the
page cannot be displayed' this is the standard IE6 output, however, if i try
the same on WIN98SE logged on the same domain it brings the authentication
dialog box asking to re-authenticate the user name, passwd and domain name,
when i do that after 3 attempts i get html output to the browser 'cache
access denied'

help really needed
thank you for all suggestions

--
end
Tomas Palfi
IT Department
Phoenix Medical Supplies Ltd.
00 44 (0)1978 340167
________________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet. The
service is powered by MessageLabs. For more information on a proactive
anti-virus service working around the clock, around the globe, visit:
http://www.star.net.uk
________________________________________________________________________

Received on Fri May 17 2002 - 09:37:40 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:09 MST