Thanks Martin. As you know there are no secured browsers in the market which encrypts user names/passwords. Everything is sent in plain text over LAN. (Sometime back Henrik shed some light to creating ssh tunnel, Which absolutely worked fine. Thanks to Henrik.) But I am instructed to AVOID putting anything on the client side. To avoid this, What I was trying to achieve is... Make apache as a secured web server and perform secured authentication against ldap server, and then inform squid server that no more authentication is needed for browsing. Not sure, if this is possible, But trying to explore the possible ways. Thank you, Bhagwan -----Original Message----- From: Martin A. Brooks [mailto:martin@xxxxxxxxxxxxxxx] Sent: Friday, July 13, 2007 4:45 PM To: Vootla, Bhagwan Cc: squid-users@xxxxxxxxxxxxxxx Subject: Re: How would Squid server sense authentication? Vootla, Bhagwan wrote: > Does anyone know how is this achieved internally ? > Browsers cache the details and send it with every request. HTTP is stateless, this is the only way it can work.
