--------------------- PatchSet 1970 Date: 2005/10/23 09:21:53 Author: serassio Branch: negotiate Tag: (none) Log: Port of keep_alive option to negotiate Members: src/cf.data.pre:1.87.2.1->1.87.2.2 Index: squid3/src/cf.data.pre =================================================================== RCS file: /cvsroot/squid-sf//squid3/src/cf.data.pre,v retrieving revision 1.87.2.1 retrieving revision 1.87.2.2 diff -u -r1.87.2.1 -r1.87.2.2 --- squid3/src/cf.data.pre 22 Oct 2005 18:30:58 -0000 1.87.2.1 +++ squid3/src/cf.data.pre 23 Oct 2005 09:21:53 -0000 1.87.2.2 @@ -1,6 +1,6 @@ # -# $Id: cf.data.pre,v 1.87.2.1 2005/10/22 18:30:58 hno Exp $ +# $Id: cf.data.pre,v 1.87.2.2 2005/10/23 09:21:53 serassio Exp $ # # # SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -1896,12 +1896,12 @@ Its main purpose is to exchange credentials with the Squid proxy using the Kerberos mechanisms. If you use a Negotiate authenticator, make sure you have at least one acl - of type proxy_auth active. By default, the ntlm authenticator_program + of type proxy_auth active. By default, the negotiate authenticator_program is not used. The only supported program for this role is the ntlm_auth program distributed as part of Samba, version 3 or later. - auth_param ntlm program @DEFAULT_PREFIX@/bin/ntlm_auth --helper-protocol=gss-spnego + auth_param negotiate program @DEFAULT_PREFIX@/bin/ntlm_auth --helper-protocol=gss-spnego "children" numberofchildren The number of authenticator processes to spawn (no default). @@ -1910,7 +1910,16 @@ down. When crendential verifications are done via a (slow) network you are likely to need lots of authenticator processes. - auth_param ntlm children 5 + auth_param negotiate children 5 + + "keep_alive" on|off + If you experience problems with PUT/POST requests when using the + Negotiate authentication scheme then you can try setting this to + off. This will cause Squid to forcibly close the connection on + the initial requests where the browser asks which schemes are + supported by the proxy. + + auth_param negotiate keep_alive on NOCOMMENT_START #Recommended minimum configuration: @@ -1918,6 +1927,7 @@ #auth_param ntlm children 5 #auth_param negotiate program #auth_param negotiate children 5 +#auth_param negotiate keep_alive on #auth_param digest program #auth_param digest children 5 #auth_param digest realm Squid proxy-caching web server