Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid Exchange reverse proxy - Multiple digest authentifications

    Scheduled Pinned Locked Moved pfSense Packages
    4 Posts 2 Posters 3.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      TheNetStriker
      last edited by

      I'am trying to configure squid as reverse proxy for my exchange owa website. When opening the website I can login using my username and password, but after that every subsequent request also opens the digest login dialog. Does anyone know how to solve this problem? Here is my squid config:

      
# Reverse Proxy settings
http_port 84.74.152.211:80 accel defaultsite=www.test.com vhost
https_port 84.74.152.211:443 accel cert=/usr/local/etc/squid/5106c8b77e5de.crt key=/usr/local/etc/squid/5106c8b77e5de.key defaultsite=www.test.com vhost
http_port 172.17.1.1:80 accel defaultsite=www.test.com vhost
https_port 172.17.1.1:443 accel cert=/usr/local/etc/squid/5106c8b77e5de.crt key=/usr/local/etc/squid/5106c8b77e5de.key defaultsite=www.test.com vhost
cache_peer 172.17.2.11 parent 443 0 proxy-only no-query originserver login=PASS connection-auth=on ssl sslflags=DONT_VERIFY_PEER front-end-https=on name=OWA_HOST_pfs

#EXCHSRV
cache_peer 172.17.2.4 parent 80 0 proxy-only no-query no-digest originserver login=PASS name=rvp_EXCHSRV

acl OWA_URI_pfs url_regex -i ^https://www.test.com:?[0-9]*/owa.*$
acl OWA_URI_pfs url_regex -i ^https://www.test.com:?[0-9]*/exchange.*$
acl OWA_URI_pfs url_regex -i ^https://www.test.com.ch:?[0-9]*/public.*$
acl OWA_URI_pfs url_regex -i ^https://www.test.com.ch:?[0-9]*/exchweb.*$
acl OWA_URI_pfs url_regex -i ^https://www.test.com.ch:?[0-9]*/ecp.*$
acl OWA_URI_pfs url_regex -i ^https://www.test.com.ch:?[0-9]*/OAB.*$
acl OWA_URI_pfs url_regex -i ^https://www.test.com:?[0-9]*/Microsoft-Server-ActiveSync.*$
acl OWA_URI_pfs url_regex -i ^https://www.test.com:?[0-9]*/rpc/rpcproxy.dll.*$
acl OWA_URI_pfs url_regex -i ^https://www.test.com:?[0-9]*/rpcwithcert/rpcproxy.dll.*$
acl OWA_URI_pfs url_regex -i ^https://www.test.com:?[0-9]*/autodiscover.*$
cache_peer_access OWA_HOST_pfs allow OWA_URI_pfs
cache_peer_access OWA_HOST_pfs deny allsrc
never_direct allow OWA_URI_pfs
http_access allow OWA_URI_pfs
      1 Reply Last reply Reply Quote 0
      • T
        TheNetStriker
        last edited by

        I just found out that this problem only occurs in Firefox, on Internet Explorer and on Chrome appears only one login dialog. I think the problem ist the NTLM authentification. Is there a way to get this to work with squid on firefox browsers?

        1 Reply Last reply Reply Quote 0
        • T
          TheNetStriker
          last edited by

          I think I found a solution for my problem. I just switched the owa website to forms based authentification and now it works also in Firefox.

          1 Reply Last reply Reply Quote 0
          • marcellocM
            marcelloc
            last edited by

            TheNetStriker,

            Thanks for your feedback, this topic will help other users that search forum/google with the same issue.

            att,
            Marcello Coutinho

            Treinamentos de Elite: http://sys-squad.com

            Help a community developer! ;D

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.