On Fri, 29 Oct 2004, Andrew Bartlett wrote:
> I've created a concoction of Samba3 and Samba4, and it works. I'll work
> to make it a little less fragile, but it should give you some idea how I
> think it should work...
Is there any documentation on the SPNEGO ntlm_auth protocol yet?
One small request to make the future a little brighter. In Squid-3 we have
already started adding support for concurrency in the helper protocols by
prefixing each query with a query/session identifier (0 - max concurrency
level defined for the helper), and the helper is free to answer the
received queries in any order it likes. It would be great if you could
look into how well this can be supported by Samba ntlm_auth to allow the
scheme to scale in bigger installations.
A trivial initial implementation is to simply use this to allow for
multiple negotiation sessions in the same helper but with no actual
concurrency in the winbind lookups. But in the long run it would be great
if there was support for concurrent winbind lookups to avoid stalling only
because one winbind query is taking a long time.. (assuming this is also
solved in winbind, for which there seems to be some progress)
The Squid-3 implementation is complete on stateless helpers, but not yet
on stateful helpers but I have committed myself to get this done before
3.0..
Regards
Henrik
Received on Fri Oct 29 2004 - 09:11:08 MDT
This archive was generated by hypermail pre-2.1.9 : Sun Oct 31 2004 - 12:00:02 MST