On tor, 2007-09-27 at 16:45 -0500, Luis Daniel Lucio Quiroz wrote: > - Squids need to be auth, however, auth must be agains an openldap (I know > this is possible). The fact is that auth MUST be crypted. I was thinking > about Cipher auth that is done with MD5 but we really dont know what is the > crypt hash of ldap. digest auth is probably what you are looking for. > - Authentication must be share, in the way that if I've already authed in > squid1, then squid2 shouldnt ask me authentication. Then they all need to use the same hostname, either via a mult-record DNS entry or a load balancer. > I'm not really shure if > ICP or HTCP cand do this. Squis farm is balanced by an external apliance so > we dont know what squidN is responding to replay. Ok. So then it will just work. Just make sure the load balancer is somewhat session aware if you are using digest as it will not perform well if the user is randomly assigned a new server on each request. Regards Henrik
Attachment:
signature.asc
Description: This is a digitally signed message part
