ons 2006-03-22 klockan 12:07 -0500 skrev Jason Gauthier: > Is it even possible to utilize digest authentication to > "transparently" authenticate to a windows domain? Technically yes, but no. MSIE does not support single-sign-on with Digest authentication. Squid does not yet support Digest authentication integration with MSAD (or another Digest capable directory service), and the details how to do this from an non-Windows server in the domain has not been reverse engineered yet. Additionally it requires "reversibly encrypted passwords" to be enabled in the directory which defaults off for security reasons.. It is also worth noticing that the Digest implementation in MSIE is quite crappy. Probably in part due to Digest normally not being enabled nor recommended in the Windows world.. > Or is this only possible with NTLM? Today NTLM or SPNEGO is the only options for single-sign-on in a Windows domain. Regards Henrik
Attachment:
signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel
