> Maybe this is a stupid question, but is there a way for linux
> browsers to use
> the ntlm authentication scheme?
There is a kind-of-proxy server written in python which will turn
basic auth to NTLM auth.
> I installed yesterdays head and it works great, just installs with no
> troubles and when accessing from windows it's a bliss.
Yeah. However it requres a strong authentication framework and
desktop integration which at the moment Unix lacks.
I've tried talking to Ximian about having similar (but sane) features
as part of GNOME, without much luck so far.
> However since we have some linux desktop stations, I need to
> give them access
> aswell, is there a way or do I have to enable another scheme as well?
Basic.
> I was thinking maybe of doing a browser check and then a acl
> that does ntlm
> auth if using ie and msnt auth if not using ie, what about that?
Auth protocol negotiation is handled as part of the HTTP protocol.
> Other question, I configured with ntlm, digest and basic,
> with respective
> helpers ntlmps, password and msnt, now it creates in
> /usr/local/squid/libexec/squid files = ntlm_auth, msnt and
> fakeauth_auth. I
> decided to use the ntlm_auth in squid.conf as it was what I
> wanted but is it
> using basic or digest authentication together with that? it
> doesn't create a
> specific digest program.
The authentication helpers are protocol-specific. You'll need to configure
helpers for all three protocols if you want to offer those.
> In my squid.conf I have
>
> auth_param ntlm program
> /usr/local/squid/libexec/squid/ntlm_auth cit/roma
> auth_param ntlm children 5
> auth_param ntlm max_challenge_reuses 0
> auth_param ntlm max_challenge_lifetime 2 minutes
With this configuration squid will not negotiate Basic and Digest
authentication.
> I was wondering what to change to make ntlm use the digest scheme.
Not possible.
> Regards and thanks for a great job done, looks like it's heading for
> stability,
Thanks.
-- /kinkieReceived on Wed Aug 08 2001 - 10:41:56 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:30 MST