For the squid <-> LDAP portion, you'll need to use SSL LDAP, or certificates
(don't know of any implementations of this).
For the squid <-> client portion, use HTTP Digest Authentication.
Does anyone know which/if any browsers support Digest Proxy Authentication?
> -----Original Message-----
> From: nagy_l@vaxst2.tii.matav.hu [mailto:nagy_l@vaxst2.tii.matav.hu]
> Sent: Wednesday, February 17, 1999 8:29 PM
> To: squid-users@ircache.net
> Subject: secure authentication with ldap server ?
>
>
> Hi!
>
> We are use ldap_auth for authentication to my Netscape LDAP server.
>
> My problem is: this authentication is a clear text, and some
> network monitor
> program can to monitor the passwords...
>
> How to make this session is secure ?
>
> Second problem: the autentication string between client and
> the cache server
> only encoded.This is not problem for an advanced user(hacker)...
>
> How to make this communication is secure ?
>
> We are use squid 2.1-patch2 under linux.
> Thanks in advance!
>
> Bye!Lajos
>
Received on Tue Feb 16 1999 - 15:53:22 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:44:35 MST