On ons, 2007-09-12 at 12:13 +0930, Adam Parsons wrote:
> My question is, is it possible to have the username and password
> included in the child server access logs, so the local sites can
> interpret where the users are going. At the moment we only see IP
> addresses.
With a bit of coding it should be possible to add login snooping to log
the username of forwarded authentication, especially if you are using
basic authentication as parsing the basic authentication header is
trivial..
Snooping Digest authentication requires a little more work, but not
much..
NTLM/Negotiate is a bit trickier, but still doable (at least NTLM, not
entirely sure about Negotiate, but probably..).
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Mon Oct 01 2007 - 12:00:02 MDT