On Mon, 18 Oct 2004, Hal Douglas wrote:
> 1098069200.802 1 10.0.1.8 TCP_DENIED/407 1747 GET
> http://www.google.com/ - NONE/- text/html [Accept: image/gif,
> image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint,
> application/vnd.ms-excel, application/msword, application/x-shockwave-flash,
> */*\r\nAccept-Language: en-au\r\nCookie:
> PREF=ID=17238ed846c9d38d:CR=1:TM=1096527005:LM=1096527005:S=kyLy_3fTUQxpLp2g
> \r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR
> 1.1.4322)\r\nHost: www.google.com\r\nProxy-Connection: Keep-Alive\r\n]
> [HTTP/1.0 407 Proxy Authentication Required\r\nServer:
> squid/2.5.STABLE6\r\nMime-Version: 1.0\r\nDate: Mon, 18 Oct 2004 03:13:20
> GMT\r\nContent-Type: text/html\r\nContent-Length: 1320\r\nExpires: Mon, 18
> Oct 2004 03:13:20 GMT\r\nX-Squid-Error: ERR_CACHE_ACCESS_DENIED
> 0\r\nProxy-Authenticate: Basic realm="Pandora Squid Test Proxy blah blah
> blah"\r\nProxy-Authenticate: NTLM\r\n\r]
Did you get only this 407, or additional ones? NTLM uses 3 requests
(minimum 2) per new TCP connection to the proxy to authenticate, and all
three is needed..
The expected sequence is
1. A simple 407 like the one above, indicating Squid accepts both Basic
and NTLM authentication.
2. A 407 where the browser sent a blob of information in Proxy-Authorize:
NLMT ... and Squid responds with a similar blob.
4. A 200 where the browser sent another blob of information (the actual
user credentials step) in it's Proxy-Authorize: NTLM header.
Regards
Henrik
Received on Mon Oct 18 2004 - 03:40:55 MDT
This archive was generated by hypermail pre-2.1.9 : Mon Nov 01 2004 - 12:00:02 MST