[squid-users] Squid plugin sponsor
David Touzeau
david at articatech.com
Thu Feb 10 08:32:04 UTC 2022
Hi
What we are looking for is to retrieve a "user" token without having to
ask anything from the user.
That's why we're looking at Active Directory credentials.
Once the user account is retrieved, a helper would be in charge of
checking if the user exists in the LDAP database.
This is to avoid any connection to an Active Directory
Maybe this is impossible
Le 10/02/2022 à 05:03, Amos Jeffries a écrit :
> On 10/02/22 01:43, David Touzeau wrote:
>> Hi
>>
>> I would like to sponsor the improvement of ntlm_fake_auth to support
>> new protocols
>
> ntlm_* helpers are specific to NTLM authentication. All LanManager
> (LM) protocols should already be supported as well as currently
> possible. NTLM is formally discontinued by MS and *very* inefficient.
>
> NP: NTLMv2 with encryption does not *work* because that encryption
> step requires secret keys the proxy is not able to know.
>
>> or go further produce a new negotiate_kerberos_auth_fake
>>
>
> With current Squid this helper only needs to produce an "OK" response
> regardless of the input. The basic_auth_fake does that.
>
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20220210/c1ae796f/attachment.htm>
More information about the squid-users
mailing list