Hi
What we are looking for is to retrieve a "user" token without having to
ask anything from the user.
That's why we're looking at Active Directory credentials.
Once the user account is retrieved, a helper would be in charge of
checking if the user exists in the LDAP database.
This is to avoid any connection to an Active Directory
Maybe this is impossible
Le 10/02/2022 à 05:03, Amos Jeffries a écrit :
On 10/02/22 01:43, David Touzeau wrote:
Hi
I would like to sponsor the improvement of ntlm_fake_auth to support
new protocols
ntlm_* helpers are specific to NTLM authentication. All LanManager
(LM) protocols should already be supported as well as currently
possible. NTLM is formally discontinued by MS and *very* inefficient.
NP: NTLMv2 with encryption does not *work* because that encryption
step requires secret keys the proxy is not able to know.
or go further produce a new negotiate_kerberos_auth_fake
With current Squid this helper only needs to produce an "OK" response
regardless of the input. The basic_auth_fake does that.
Amos
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
