[squid-users] [NTLM Authentication] use of external NT database

From: GUIDOUX R InfoEdpEtcDep <Richard.Guidoux@dont-contact.us>
Date: Fri, 1 Jun 2001 19:01:00 +0200

Hello dear squid admins,

I have read all the FAQs, and all documentation about NTLM authentication
project (on squid.sourceforge site)

Though, I have still 1 or 2 questions : (one on NTLM and the othe more
general)

1) Possibility to use external database

it seems that it is possible to have such a scheme :

Client -------------------------> Proxy Squid
        NTLM Auth

Now, for the database, where Squid checks user/password sent by client,
has it to be local to Squid, or may Squid check the credentials after an
external NT base (and if so, how to tell it in NTLM module ?)

2) Proxy chaining

About chaining proxy, it is said in FAQ, that
"Only one proxy cahce in a chain is allowed to "use" proxy-authentication
request header. Once the header is used, it must not be passed on other
proxies."

Client --------> Proxy Squid A ----------> Proxy Squid B ------->
Internet

So it means that Client cannot authenticate to both Proxy A and Proxy B.

But, is it possible to have client authenticate to Proxy A, and proxy A
authenticate to Proxy B ?
If yes, how must I configure Proxy A ?
(it should be possible after RFC 2616)

TIA,

Richard
*************************************************************************

Ce message et toutes les pieces jointes (ci-apres le "message") sont
confidentiels et etablis a l'intention exclusive de ses destinataires.
Toute utilisation ou diffusion non autorisee est interdite.
Tout message electronique est susceptible d'alteration.
La SOCIETE GENERALE et ses filiales declinent toute responsabilite au titre de ce message s'il a ete altere, deforme ou falsifie.

                                ********

This message and any attachments (the "message") are confidential and
intended solely for the addressees.
Any unauthorised use or dissemination is prohibited.
E-mails are susceptible to alteration.
Neither SOCIETE GENERALE nor any of its subsidiaries or affiliates shall be liable for the message if altered, changed or falsified.

*************************************************************************
Received on Fri Jun 01 2001 - 11:06:20 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:00:27 MST