Hi
What we are looking for is to retrieve a "user" token without
having to ask anything from the user.
That's why we're looking at Active Directory credentials.
Once the user account is retrieved, a helper would be in charge of
checking if the user exists in the LDAP database.
This is to avoid any connection to an Active Directory
Maybe this is impossible
Le 10/02/2022 à 05:03, Amos Jeffries a
écrit :
On
10/02/22 01:43, David Touzeau wrote:
Hi
I would like to sponsor the improvement of ntlm_fake_auth to
support new protocols
ntlm_* helpers are specific to NTLM authentication. All LanManager
(LM) protocols should already be supported as well as currently
possible. NTLM is formally discontinued by MS and *very*
inefficient.
NP: NTLMv2 with encryption does not *work* because that encryption
step requires secret keys the proxy is not able to know.
or go further produce a new
negotiate_kerberos_auth_fake
With current Squid this helper only needs to produce an "OK"
response regardless of the input. The basic_auth_fake does that.
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
|
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
