Search squid archive

ntlm auth and browser dialog

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



hello

I am currently using Basic auth against an Active Directory Server, including a group membership authorisation check. Its great, except that cleartext passwords travelling over the wire are a concern and I would like to avoid that if possible.

I am investigating changing to NTLM authentication to do the same job. More or less as per this article http://wiki.squid-cache.org/ConfigExamples/WindowsAuthenticationNTLM? highlight=%28ConfigExamples%29

Firstly is it true that NTLM auth is a bit more secure as it avoids passing the credentials in the clear over the wire? Secondly is the design of NTLM - having the squid box "joined" to the AD domain - intended to remove the need to send a proxy auth request to the browser, instead using the AD data?

What I wish to do is preserve the dialog box presentation in the browser to show the Realm string and request user/pass as happens now using Basic Auth, but use NTLM instead.

Does this make sense and is it  possible?

many thanks

rolf.


This message may contain confidential information which is intended only for the individual named.
If you are not the named addressee you should not disseminate, distribute or copy this email.
Please notify the sender immediately by email if you have received this email by mistake and delete this email from your system.
Email transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses.
The sender therefore does not accept liability for any errors or omissions
in the contents of this message which arise as a result of email transmission.
If verification is required please request a hard copy version.

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux