Heinz Ahrens wrote:
> i use squid with perhaps 20.000 users an all works fine. My only problem is
> the fact, that the user-authentication is not encrypted.
A quite common problem.
As a standard solution you could investigate using Digest
authentication. Digest authentication strongly protects the password on
the wire..
> Now i want to solve the problem and i found "Squid IP Auth". This is fine,
> but i need another program, because i use NAT between client and proxy and
> squidGuard with different userlists.
The concept of temporary passwords works just fine.
Your main problem then is how Squid is to identify the users, knowing
when to expect a temporary password or when to redirect the user to the
"secure page for generating the temporary password".
HTTP does not have a concept of "sessions". Authentication is performed
individually on each request. Because of this you do not know if this
request is the "first" request, or a "second request".
Regards
Henrik
Received on Wed Nov 27 2002 - 04:30:33 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:36 MST