Search squid archive

Re: AD Ldap (automatically take the user that is logging on PC)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 18/08/2016 12:11 p.m., brendan kearney wrote:
> You want Kerberos and/or NTLM authentication for Single Sign On.

That is a myth. SSO is simply a way of building the system so that the
credentials used for machine login work when sent to the proxy and other
services. If you don't build the system right even NTLM wont work as SSO.

It is up to the browser to send the credentials it can find using the
appropriate authentication scheme for any receiving services (ie the proxy).

NTLM and Kerberos take the Windows login credentials without translating
them. So "work" without fancy browser translation being needed is all.


IIRC, there is a setting somewhere called "Use Windows Integrated
Authentication" that sometimes has to be enabled for SSO to work with
non-Microsoft designed authentication schemes.

Amos

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux