[squid-users] squid 5.2: ntlm_fake_auth refuse to valid credentials
Amos Jeffries
squid3 at treenet.co.nz
Thu Nov 11 07:40:44 UTC 2021
On 11/11/21 14:12, David Touzeau wrote:
> Hi,
> i would like to use ntlm_fake_auth but it seems Squid refuse to switch
> to authenticated user and return a 407 to the browser and squid never
> accept credentials.
>
> What i missing ?
>
> Configuration seems simple:
> auth_param ntlm program /lib/squid3/ntlm_fake_auth -v
> auth_param ntlm children 20 startup=5 idle=1 concurrency=0 queue-size=80
> on-persistent-overload=ERR
> acl AUTHENTICATED proxy_auth REQUIRED
> http_access deny !AUTHENTICATED
>
> Here the debug mode;
>
The log you presented shows the helper delivering a TT response to
Squid. Which is NTLM step 2 response token for a 407 challenge response.
That is only sent if there were not auth headers received from the
client - which is correct per your config shown.
The log snippet stops before Squid sends that response to the client, so
whatever follows is unknown.
Amos
More information about the squid-users
mailing list