On Sat, 2004-11-06 at 12:24 +1100, Andrew Bartlett wrote: > I wish to propose an extension to the NTLM helper/squid protocol, such > that a squid redirector, or a external ACL helper, may access the list > of groups. > > A new command to ntlm_auth, UG, would request the list of user groups > from the last authentication. This uses the fact that in NTLM and > SPNEGO authentication, the authentication produces the group list, that > should be valid for a particular session.
It shouldn't be a new command. The cookie should just be returned with the auth. (Anything else races hugely with overlapped requests). Rob -- GPG key available at: <http://www.robertcollins.net/keys.txt>.
signature.asc
Description: This is a digitally signed message part
