Mailinglist Archive: opensuse-edu (37 mails)
| < Previous | Next > |
Re: [suse-linux-uk-schools] Network migration starting with squid.. help
- From: Tony Whitmore <tony@xxxxxxxxxxxxxxxxxx>
- Date: Wed, 11 May 2005 16:49:40 +0000 (UTC)
- Message-id: <4282379E.7020400@xxxxxxxxxxxxxxxxxx>
Alan Loughlin wrote:
> Internet explorer constantly prompts a logon box everytime you open it. If
> you look at censornet forums and try it out you'll see. Censornet/Adelix
> have stated they have no current release date for this to be fixed. Due to
> the need IE has for persistent connections I think.
Absolutely. IE can't pass session data from one instance to another. So
if you open up one IE window and authenticate against CensorNet (and
indeed Squid) and then open up another, the data has to be entered
again. This is, if anything, a bug in IE, not Dan's Guardian / Squid /
CensorNet. It'd be down to MS to fix that.
The work around is to use NTLM authentication which, as you say, is not
currently available in CensorNet. This would transparently use the
authentication detailed entered by the user at logon to authenticate
against the proxy server. So IE still needs that authentication to
happen for each session, it's just that it happens transparently. There
isn't a schedule for inclusion of the NTLM auth feature, mainly due to
Adelix being really busy at the moment. The estimated costs are about
£3k to integrate the feature including the necessary configuration
changes and reprogramming the web interface / set up program if you
wanted to think about comissioning the work from them.*
HTH,
Tony
* No, I don't work for Adelix either. But I do use CensorNet.
> Internet explorer constantly prompts a logon box everytime you open it. If
> you look at censornet forums and try it out you'll see. Censornet/Adelix
> have stated they have no current release date for this to be fixed. Due to
> the need IE has for persistent connections I think.
Absolutely. IE can't pass session data from one instance to another. So
if you open up one IE window and authenticate against CensorNet (and
indeed Squid) and then open up another, the data has to be entered
again. This is, if anything, a bug in IE, not Dan's Guardian / Squid /
CensorNet. It'd be down to MS to fix that.
The work around is to use NTLM authentication which, as you say, is not
currently available in CensorNet. This would transparently use the
authentication detailed entered by the user at logon to authenticate
against the proxy server. So IE still needs that authentication to
happen for each session, it's just that it happens transparently. There
isn't a schedule for inclusion of the NTLM auth feature, mainly due to
Adelix being really busy at the moment. The estimated costs are about
£3k to integrate the feature including the necessary configuration
changes and reprogramming the web interface / set up program if you
wanted to think about comissioning the work from them.*
HTH,
Tony
* No, I don't work for Adelix either. But I do use CensorNet.
| < Previous | Next > |