[squid-users] Using cache_peer for transparent NTLM authentication

Antonio Petrelli antonio.petrelli at gmail.com
Wed Dec 16 13:13:41 UTC 2015


2015-12-16 12:58 GMT+01:00 Amos Jeffries <squid3 at treenet.co.nz>:

> On 16/12/2015 11:12 p.m., Antonio Petrelli wrote:
> > Hello
> > sorry if this question has been asked, and answered, already, I dug the
> > mailing list archive but it is still not clear to me.
> >
> > Is it possible to use a cache_peer that supports NTLM authentication in a
> > "transparent" way, so that the user of the Squid proxy does not need to
> > enter any authentication and Squid does all the authentication by itself?
>
> No that is not supported. And we have no intention of adding it, NTLM
> has been deprected for nearly 10 years.
>
> Squid supports performing Negotiate/Kerberos authentication to
> cache_peer instead.
>
>
> > Notice that, until now, I am using CNTLM to do this, however CNTLM has
> > severe problems under Windows 8.
>
> Notice that NTLM has increasingly severe problems under any Windows XP
> SP3 or later system.
>
>
Thank you. Notice that I asked this question because I would like to use
Squid as a personal local proxy for different type of upstream proxy, so
that a user can use their Squid instance on their machine and the only
thing to do is switch the correct configuration file when switching
workplace. Currently I do it by using Squid or CNTLM when needed and I also
wrote a proxy in Java for it, however it is really memory-consuming,
especially compared to Squid:
https://github.com/apetrelli/scafa

Thank you anyway for your answer and sorry for the rant

Antonio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20151216/1db7925a/attachment.html>


More information about the squid-users mailing list