Search squid archive

Re: Kerberos authentication with multiple squids

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I think you talk about a kdc proxy, which is for another case.

Regards
Markus

"Grant Taylor" wrote in message news:b815528d-34ff-0fed-3194-dc6f34199a1c@xxxxxxxxxxxxxxxxxxxxxxxxxxx...

On 10/13/21 1:48 PM, Markus Moeller wrote:
The problem lies more in the way how Kerberos proxy authentication
works. The client uses the proxy name to create a ticket and in this
case it would be the name of the first proxy e.g. proxy1.internal.  The
first proxy will pass it through to the authenticating proxy for
authentication proxy2.internal.

My understanding is that there is a way that a Kerberized service
(proxy1 in this case) could act as a Kerberos protocol proxy agent (of
sorts) and ask for a special type of Kerberos ticket on behalf of the
client (client0) asking it (proxy1) for service which it (proxy1) would
use when forwarding connections on to another host (proxy2 in this
case).  Is my general understanding of Kerberos wrong?

Does Squid support such Kerberos protocol proxy agent (term?) support?



--
Grant. . . .
unix || die

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux