Re: Authentication from Robert Collins on 2003-08-09 (squid-dev)

From: Robert Collins <robertc@dont-contact.us>
Date: 10 Aug 2003 09:39:58 +1000

On Fri, 2003-08-08 at 01:39, Diego Woitasen wrote:
> Well, I 'm working now to the authentication framework to work in the
> same way that external acls, with names. For example:
>
> auth_param auth1 basic program /blah/blah/bin ...
> auth_param auth2 ntlm program /blah/blah/bin2 ...
>
> acl pass1 proxy_auth auth1 REQUIRED
> acl pass2 proxy_auth auth2 REQUIRED
> acl msn browser -i messenger
> acl ie browser -i explorer
>
> http_access allow msn pass1
> http_access allow ie pass2
>
> This is because (in this example) msn is not working with ntlm auth and
> i need that msn auth. against a basic authentication.
>
> I want to hear comments about this...

Its an idea, but not a great one IMO. All you are really doing is
working around a bust HTTP client - one that is in violation of RFC
2617. I'd file a bug with Microsoft.

Cheers,
Rob

-- 
GPG key available at: <http://members.aardvark.net.au/lifeless/keys.txt>.

application/pgp-signature attachment: This is a digitally signed message part

Received on Sat Aug 09 2003 - 17:40:01 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:20:27 MST