On 10/17/21 10:46 AM, Markus Moeller wrote:
I see, I think this would mean using Basic Auth to proxy1 which then gets a Kerberos ticket for the user to authenticate to proxy2. This is possible, but I would not think it is a good secure option.
I think that we're now talking about the same function. I don't think that HTTP's Basic (realm) Authentication is required.My understanding is that you can use Kerberos from clinet0 to proxy1 and that proxy1 can use the same mechanism to get a special ticket to communicate from proxy1 to proxy2 as the original user.
The scenario I described in the last email was to stet the stage to describe where the Kerberos protocol proxying was happening, not the method in the client to server part.
-- Grant. . . . unix || die
<<attachment: smime.p7s>>
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
