Hi!
I have a network with a firewall and a machine with squid-proxy behind it.
I've different classes of users, with different restrinction levels...
and we use a central point of validation (Ldap )...
The internal users are using the proxy for authentication.
Everything is working fine.
But now, I need to make the authentication process more robust, without
having to send the user password in cleartext.
I´m trying to avoid using cleartext passwords on the net, so I want to
avoid to my users from sniffing the wire in order to obtain user passwords
(and I can't buy a switch :(( )
I´ve tried implementing HTTP digest authentication method, but i´d a
problem with netscape 4.x/6.x and other browsers that aren't supporting
this method.
Does anybody know how can I replace this method with something more secure?
If you have some kind of recommendation... let me know ...
TIA .
Received on Wed Dec 05 2001 - 12:37:01 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:14 MST