On Wed, 27 Apr 2005, Varun wrote:
> Apart from NCSA what are the other forms
> of authentication that are available vis-a-vis
> squid.One that will not have that crypto issue.
There is three authentication schemes (how browser and Squid
communicates):
Basic -> Plain Text login + password
Digest -> Cryptographically safe hash exchanges based on the login +
password.
NTLM -> Microsoft NTLM authentication
Each of these schemes have their own set of different helpers for
verifying the password.
Basic has quite many, as the plaintext password allows using a large
varity of authentication backends to validate the password. See the
helpers/basic_auth/ directory for the ones shipped with Squid, but there
is also several third-party authenticators. The perhaps most well known is
Samba ntlm_auth for werifying the passwords in a Windows domain.
Digest only has one yet.. using a separate password file. The
cryptographich hash exchanges places rather strict requirements on what
can be done.
NTLM has a handful to choose from, but the recommended is Samba ntlm_auth
(see Squid FAQ on how to use winbind). The ones shipped with Squid is not
of very good quality compared to the Samba one..
Regards
Henrik
Received on Fri May 06 2005 - 15:50:05 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Jun 01 2005 - 12:00:02 MDT