Re: [squid-users] ntlm using linux browsers and ntlm using digest

From: Robert Collins <robert.collins@dont-contact.us>
Date: 09 Aug 2001 18:44:09 +1000

On 08 Aug 2001 13:32:17 -0300, Mads Rasmussen wrote:
>
> Maybe this is a stupid question, but is there a way for linux browsers to use
> the ntlm authentication scheme?
Kinkie's covered most of the points..
<snip>
> However since we have some linux desktop stations, I need to give them access
> aswell, is there a way or do I have to enable another scheme as well?
Yes, just uncomment the configuration for the digest or basic auth
schemes.

> I was thinking maybe of doing a browser check and then a acl that does ntlm
> auth if using ie and msnt auth if not using ie, what about that?
That's not needed. HTTP defines a mechanism for choosing the strongest
authentication scheme a server offers. It's a shame microsoft do not
follow that specification, but Unix browsers have no excusenot to. (This
means you need to put the NTLM configuration details before basic or
digest, or IE (tested up to v5) won't try NTLM.

> Other question, I configured with ntlm, digest and basic, with respective
> helpers ntlmps, password and msnt, now it creates in
> /usr/local/squid/libexec/squid files = ntlm_auth, msnt and fakeauth_auth. I
> decided to use the ntlm_auth in squid.conf as it was what I wanted but is it
> using basic or digest authentication together with that? it doesn't create a
> specific digest program.
digest_pw_auth should have been created, it gets installed into
lib_exec.
> I was wondering what to change to make ntlm use the digest scheme.
ntlm is a authentication scheme. It can't use other schemes. Follow the
notes above and uncomment digest from your squid.conf, and you should be
able to log in with digest authentication.

<snip>
Rob
Received on Thu Aug 09 2001 - 02:44:14 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:30 MST