Hi, Amos
> Squid can offer both types. Configure two sets of auth_param in the
> order you would prefer them to be used.
I know that.
> auth_param ntlm program .....
> auth_param basic program .....
The above parameters return the follwoing http reply.
> HTTP/1.0 407 Proxy Authentication Required
> .....
> Proxy-Authenticate: NTLM
> Proxy-Authenticate: Basic realm="XXXXXXXXXXX"
> ....
It looks ok. But, InternetExplorer8 has never been trying Basic
authentication...
How can I let IE try Basic auth after NTLM auth failed ?
Squid version: 3.1.9
Sincerely,
-- Mikio Kishi On Thu, Nov 18, 2010 at 6:01 PM, Amos Jeffries <squid3_at_treenet.co.nz> wrote: > On 18/11/10 18:48, Mikio Kishi wrote: >> >> Hi, all >> >> Now, I'm using NTLM authentication (auth_param ntlm ......). >> However, we can not browse some sites (windows update or adobe's one) >> bacause activex control is not supported NTLM authentication. >> >> So, I'd like to browse via "Basic auth" when "NTLM auth" is failed. >> Is it possible to configure such an authentication switching ? >> > > Squid can offer both types. Configure two sets of auth_param in the order > you would prefer them to be used. > > It is completely up to the agent to pick the one it wants reply with. Some > agents use the order offered as a hint. Others pick the strongest encryption > they support. > > This is as good as it gets at present. In all Squid 2.6+. > > Amos > -- > Please be using > Current Stable Squid 2.7.STABLE9 or 3.1.9 > Beta testers wanted for 3.2.0.3 >Received on Thu Nov 18 2010 - 09:49:19 MST
This archive was generated by hypermail 2.2.0 : Thu Nov 18 2010 - 12:00:03 MST