On Tuesday, 2020-10-20 10:59:41 -0400 Alex Rousskov <rousskov@xxxxxxxxxxxxxxxxxxxxxxx> wrote > On 10/20/20 10:44 AM, Philipp Gesang wrote: > > On Tuesday, 2020-10-20 09:53:45 -0400 Alex Rousskov wrote > >>> a while back we received a report from a customer that Windows > >>> hosts will not fall back on conventional authentication > >>> mechanisms if Squid advertises Negotiate. That is unfortunate as > >>> not all systems in that customer’s network are Kerberos enabled > >> > >> We have added the auth_schemes directive to address this and similar > >> problems. Unfortunately, the squid.conf renderer on the official site > >> does not include v5+ options, but you can see raw documentation at > >> https://github.com/squid-cache/squid/blob/710f160/src/cf.data.pre#L2139 > > > That looks like it’s exactly what we need. So this will be a 5.x only > > feature? > > It is a v5+ feature (i.e. it is in v5 now and should be in v6, v7, etc.). How far away in the future do you think is an official v5 release from now? Going by the git log it’s been in the making for quite a while. > You can, of course, lobby Amos, the v4 maintainer, for making a policy > exception and officially including (a backport of) auth_schemes into v4. > Factory may even have a v4-based branch somewhere that we can resurrect > as a starting point for that backporting effort. As a last resort, maybe. I’d rather see that effort invested in moving ahead with v5. ;) Best regards, Philipp
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
