HI, I am also intersted in securing passwords using ldap. Where can I find this helper? I am using squid 2.5 on linux 2.4. Can I also use ntlm auth (I mean is it secure enough) against a Microsoft AD? Paolo Biancolli -----Original Message----- From: Henrik Nordstrom [mailto:henrik@xxxxxxxxxxxxxxxxxxx] Sent: 06 April 2006 01:37 AM To: Melanie Pfefer Cc: squid-users@xxxxxxxxxxxxxxx Subject: Re: plugin to secure authentication ons 2006-04-05 klockan 12:23 +0100 skrev Melanie Pfefer: > I am looking for a third party plug-in to secure ldap based > authentication between browser and proxy. > Can you please assist? digest authentication. There is a digest LDAP based helper in the Squid-3 tree (this helper also works with 2.5). Due to the security aspects of the browser<->squid authentication the helper requires it's own "digest" password hash stored in the LDAP tree or access to plain text passwords. In theory another possible route would be to SSL encrypt the browser<->squid traffic, but this isn't supported by any browsers on the market (neither free or proprietary) and thus requires an SSL wrapper such as stunnel on each client station.. Regards Henrik
