Article delegate-en/4115 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: FW: [DeleGate-En] Windows Integrated Authentication
08 Sep 2008 07:20:43 GMT "Nagel, Willy" <>

Hi Yutaka,

Thanks for your help, but I'm still unsuccessfull.

I now user the following config:

MOUNT="/* http://destination_ip/* via=server_ip"

And this results in the following logfile:

09/08 09:02:10.17 [3588] 1+2: (0) accepted [43]
-@[listen_ip]client_ip:1972 (0.016s)(1)
09/08 09:02:10.17 [3588] 1+2: Proxy: host=client_ip; User-Agent:
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2; .NET CLR 1.1.4322);
09/08 09:02:10.17 [3588] 1+2: HCKA:[0] Keep-Alive; host=client_ip;
(User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2; .NET CLR
09/08 09:02:10.19 [2744] 1+0: AcceptByMain: yielded to a Sticky (1)
09/08 09:02:10.19 [3588] 1+2: REQUEST - GET / HTTP/1.1^M
09/08 09:02:10.19 [3588] 1+2: *** / => http://destination_ip/ ***
09/08 09:02:10.19 [3588] 1+2: REQUEST +M http://destination_ip/
09/08 09:02:10.19 [3588] 1+2: LongOuser(domain\user) ok=0
09/08 09:02:10.19 [3588] 1+2: AUTHORIZER=-login host=[]
user=[domain\user] -> NO
09/08 09:02:10.19 [3588] 1+2/1: HCKA:[1] closed -- a:authentication
09/08 09:02:10.19 [3588] 1+2/1: disconnected [43]
-@[listen_ip]client_ip:1972 (0.031s)(0) 

Kind regards,


-----Original Message-----
From: Yutaka Sato [] 
Sent: Friday, September 05, 2008 11:05 PM
Cc: Nagel, Willy
Subject: Re: [DeleGate-En] FW: [DeleGate-En] Windows Integrated

Hi Willy,

On 09/05/08(18:51) I wrote in <_A4110@delegate-en.ML_>  |With which
browser and what URL are you accessing the DeleGate?
 |If you are accessing the DeleGate with "non-local hostname" with MSIE,
|NTLM is not enabled by default.

I'm reminded that this is the reason why I did not document well about
NTHT.  NTHT is only available with MSIE with a URL of restricted form of
host-name or with a special configuration of MSIE.
Thus I implemented an authenticaiton gateway between Basic-auth.-client
and NTLM-auth.-server which can be used as this.

  client -> [Basic authentication] -> DeleGate -> [NTLM] -> IIS

This is recorded in the CHANGES file as this:
>9.8.2 080630 new {access,winsspi}.c: AUTHORIZER=-login using LogonUser 
>on Win32
>9.8.2 080628 new {http,winsspi}.c: Basic auth. client to NTHT server 
>9.8.2 080628 new {http,winsspi}.c: added AUTHORIZER=-ntht to be NTHT 
>9.8.2 080625 new {env,http}.c: added -Enh to enable NTHT proxy (NTLM 
>over HTTP)

This gateway feature is enabled with the following parameters, but I'm
not sure if it works for any users on Windows in general.


  9 9   Yutaka Sato <>
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

This message and attachment(s) are intended solely for use by the addressee and may contain information that is privileged, confidential or otherwise exempt from disclosure under applicable law.

If you are not the intended recipient or agent thereof responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited.

If you have received this communication in error, please notify the sender immediately by telephone and with a 'reply' message.

Thank you for your co-operation.

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]