Hi all,
in my dmz i've setup a suse 10 reverse proxy with squid and squirm.
It works well except for the web application that need to authenticate the user against the windows 2003 AD.
The security model of this application is set to avanced digest auth.
http://www.microsoft.com/technet/pro....mspx?mfr=true
I've setup a samba/winbind in the hope that the squid (executing in the indicated order) will I be able to authenticate the user
auth_param digest program /usr/sbin/digest_pw_auth /etc/squid/users.txt
auth_param digest children 10
auth_param digest realm Squid proxy-caching web server
auth_param digest nonce_garbage_interval 5 minutes
auth_param digest nonce_max_duration 30 minutes
auth_param digest nonce_max_count 25
auth_param digest check_nonce_count on
Am'i on the right way ?
Doesn anybody already use this with this kind of setup ?
I'm worry about the sentence find in the squid.conf
# WARNING: proxy_auth can't be used in a transparent proxy. It
# collides with any authentication done by origin servers. It may
# seem like it works at first, but it doesn't.
the msg that i get in the access.log is
<snip>
... authentication not applicable on accelerated request
any ideas ?
thanky you very much
Mik