On Wed, 21 Jul 2004, Ronny Haryanto wrote: > Is there any other alternative for secure auth? Any suggestions?
The only viable alternative is digest, but as you noted this places rather strict restrictions on your backend database. digest does not really require plain text in the directory, but it requires that the Squid user has access to the digest equivalence of the plain text password (one-way hashed, not useable outside digest), or that your directory has a secure channel for Digest authentication (no standard exists for this, but I have seen signs that several commercial directory servers have such channels) Regards Henrik
