fre 2009-08-14 klockan 16:40 -0400 skrev Daniel: > If we choose to authenticate against LDAP, I know that we can use SSL/TLS > and secure the traffic between our LDAP servers and the Squid servers. > However, wouldn't the usernames/passwords still be sent basically clear-text > from the Squid Client (workstations) and Squid? Yes. > If this is the case, is there any way to secure the authentication between > squid clients and squid. What are my options? HTTP Digest authentication is one option. Requires some special care and love on the authentication backend as the password isn't even known to the proxy (which means it can't verify it to generic password based backends), but is quite secure once up and running. Regards Henrik
