• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Squid Exchange reverse proxy - Multiple digest authentifications

Scheduled Pinned Locked Moved pfSense Packages
4 Posts 2 Posters 3.8k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • T
    TheNetStriker
    last edited by Jan 29, 2013, 2:06 PM

    I'am trying to configure squid as reverse proxy for my exchange owa website. When opening the website I can login using my username and password, but after that every subsequent request also opens the digest login dialog. Does anyone know how to solve this problem? Here is my squid config:

    
# Reverse Proxy settings
http_port 84.74.152.211:80 accel defaultsite=www.test.com vhost
https_port 84.74.152.211:443 accel cert=/usr/local/etc/squid/5106c8b77e5de.crt key=/usr/local/etc/squid/5106c8b77e5de.key defaultsite=www.test.com vhost
http_port 172.17.1.1:80 accel defaultsite=www.test.com vhost
https_port 172.17.1.1:443 accel cert=/usr/local/etc/squid/5106c8b77e5de.crt key=/usr/local/etc/squid/5106c8b77e5de.key defaultsite=www.test.com vhost
cache_peer 172.17.2.11 parent 443 0 proxy-only no-query originserver login=PASS connection-auth=on ssl sslflags=DONT_VERIFY_PEER front-end-https=on name=OWA_HOST_pfs

#EXCHSRV
cache_peer 172.17.2.4 parent 80 0 proxy-only no-query no-digest originserver login=PASS name=rvp_EXCHSRV

acl OWA_URI_pfs url_regex -i ^https://www.test.com:?[0-9]*/owa.*$
acl OWA_URI_pfs url_regex -i ^https://www.test.com:?[0-9]*/exchange.*$
acl OWA_URI_pfs url_regex -i ^https://www.test.com.ch:?[0-9]*/public.*$
acl OWA_URI_pfs url_regex -i ^https://www.test.com.ch:?[0-9]*/exchweb.*$
acl OWA_URI_pfs url_regex -i ^https://www.test.com.ch:?[0-9]*/ecp.*$
acl OWA_URI_pfs url_regex -i ^https://www.test.com.ch:?[0-9]*/OAB.*$
acl OWA_URI_pfs url_regex -i ^https://www.test.com:?[0-9]*/Microsoft-Server-ActiveSync.*$
acl OWA_URI_pfs url_regex -i ^https://www.test.com:?[0-9]*/rpc/rpcproxy.dll.*$
acl OWA_URI_pfs url_regex -i ^https://www.test.com:?[0-9]*/rpcwithcert/rpcproxy.dll.*$
acl OWA_URI_pfs url_regex -i ^https://www.test.com:?[0-9]*/autodiscover.*$
cache_peer_access OWA_HOST_pfs allow OWA_URI_pfs
cache_peer_access OWA_HOST_pfs deny allsrc
never_direct allow OWA_URI_pfs
http_access allow OWA_URI_pfs
    1 Reply Last reply Reply Quote 0
    • T
      TheNetStriker
      last edited by Jan 29, 2013, 4:17 PM

      I just found out that this problem only occurs in Firefox, on Internet Explorer and on Chrome appears only one login dialog. I think the problem ist the NTLM authentification. Is there a way to get this to work with squid on firefox browsers?

      1 Reply Last reply Reply Quote 0
      • T
        TheNetStriker
        last edited by Jan 30, 2013, 3:23 PM

        I think I found a solution for my problem. I just switched the owa website to forms based authentification and now it works also in Firefox.

        1 Reply Last reply Reply Quote 0
        • M
          marcelloc
          last edited by Jan 30, 2013, 6:06 PM

          TheNetStriker,

          Thanks for your feedback, this topic will help other users that search forum/google with the same issue.

          att,
          Marcello Coutinho

          Treinamentos de Elite: http://sys-squad.com

          Help a community developer! ;D

          1 Reply Last reply Reply Quote 0
          1 out of 4
          • First post
            1/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received