On ons, 2007-09-12 at 12:13 +0930, Adam Parsons wrote: > My question is, is it possible to have the username and password > included in the child server access logs, so the local sites can > interpret where the users are going. At the moment we only see IP > addresses. With a bit of coding it should be possible to add login snooping to log the username of forwarded authentication, especially if you are using basic authentication as parsing the basic authentication header is trivial.. Snooping Digest authentication requires a little more work, but not much.. NTLM/Negotiate is a bit trickier, but still doable (at least NTLM, not entirely sure about Negotiate, but probably..). Regards Henrik
Attachment:
signature.asc
Description: This is a digitally signed message part
