Article delegate-en <_A3995@delegate-en.ML_>
  upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[delegate-en/3995] [Reference:<_A3994@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: Windows Integrated Authentication
06 Jun 2008 08:43:53 GMT (Yutaka Sato)
The DeleGate Project


In message <_A3994@delegate-en.ML_> on 06/03/08(21:29:44)
you "Nagel, Willy" <> wrote:
 |I have setup a server with IIS 6.0 and enabled Integrated Windows
 |I have setup delegate with the following config file:
 |STLS="fsv,fcl,sslway -cert lib/cert.crt -key lib/cert.key"
 |MOUNT="/* https://mounted_ip/* via=ip_address"
 |This configuration works with all sites, except with sites that have
 |Integrated Windows Authentication.
 |When I use the same configuration with Basic Authentication, this does
 |Usually, when enabling both Integrated Windows Authentication and Basic
 |Authentication on a site in IIS and Integrated Windows Authentication
 |doesn't apply, you're authenticated using Basic Authentication.
 |Is this at all possible with Delegate? Or do you have any suggestions?

Conveying NTLM authentication over HTTP seems be defined in RFC4559 and
the RFC seems requiring proxies to add a magic field

  Proxy-support: Session-Based-Authentication

to the 401 response message asking NTLM Negotiate from the server.
You can add the field for all response messages with an option like folows:


If this workaround works in your case, I'll support it more neatly in DeleGate.

  9 9   Yutaka Sato <>
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]