Search squid archive

Re: Squid 2.7 STABLE8 (Win2008) can't get my MS Lync 2013 to work?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 08/10/14 12:17, Mirza Dedic wrote:
>
> I did not want to uncomment the NTLM because we use this to provide seamless
> authentication for the clients, if we only allow basic it will prompt for
> user/pass won't it?

The dodgy "invisibly tracking users without them knowing it" feature that NTLM auth gives you only works for MSIE (all other browsers prompt I think?) and is much slower than Basic. Yes Basic does prompt, but the user can "save" the password (ie they only do it once) and is much cleaner and more reliable (try running multi-domain NTLM where one of the domains is a continent away). Basic is quicker because it's embedded in the HTTP transaction on a 1-for-1 basis, whereas NTLM is 1-for-4 (I think?). ie you have to make 4 HTTP requests before you get the webpage when you use NTLM (ignoring keepalive)

The only downside (besides your users knowing you're tracking them...) is that Basic is cleartext - so sniffers can see the passwords. However, if it's on a corporate network, that shouldn't be a problem (else you're doing it wrong ;-)

I prefer Basic specifically because it *does* mean the users know you're tracking them: that means they're less likely to go to dodgy sites/etc on company time :-)


--
Cheers

Jason Haar

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux