2) Does every http-response contain user`s username & password
when ntlm authentication is used?
No. NTLM-over-http is not a HTTP authentication scheme, it
only tries to masquerade itself as looking like one at first
glance..
Then how does squid define whether a current http-request
belongs to an authorized user or not? In HTTP authentication
scheme each http-request contains username|password, which
help squid (or authentication helper) to identify user.
wbr,
Ilya
- [squid-users] ntlm authentication Ilya
- RE: [squid-users] ntlm authentication Adam Aube
- Re: [squid-users] ntlm authentication Ilya
- RE: [squid-users] ntlm authenticatio... Adam Aube
- Re: [squid-users] ntlm authenticatio... Henrik Nordstrom
- Re: [squid-users] ntlm authentication Henrik Nordstrom
- [squid-users] Re: ntlm authentication Ilya
- [squid-users] Re: ntlm authentication Henrik Nordstrom
- RE: [squid-users] ntlm authentication daniel . jarboe
- [squid-users] NTLM Authentication Merton Campbell Crockett
- RE: [squid-users] NTLM Authentication Chris Perreault
- RE: [squid-users] NTLM Authentication Merton Campbell Crockett
- RE: [squid-users] NTLM Authenticatio... Henrik Nordstrom
