On Sunday 01 December 2002 14.48, Ilya wrote:
> What do you mean? Yes, it is possible to organize the SSL
> connection between squid & LDAP. But how can I make squid to
> take passwords from LDAP, not .../etc/digpass, not from the
> file on local host? What should I rewrite?
For a start a new Squid digest helper would need to be written which
queries LDAP over TLS instead of a local password file.
In the long run Squid should be extended to support MD5-sess Digest
authentication, and a helper daemon added to your LDAP server to
allow Squid and other trusted applications to query for a MD5-sess
hash from your LDAP directory. In such mode the plaintext LDAP
password never needs to leave the LDAP directory server and only
secure one-way hashed blobs is exchanged over the network.
> And one more. What browser/version support Digest auth. I
> tried with Netscape 4.78 and failed. But succeded with Mozilla
> 1.0 :)
See earlier thread on squid-users.
Regards
Henrik
Received on Sun Dec 01 2002 - 07:00:29 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:47 MST