On Friday 11 July 2003 03.16, Norman Zhang wrote:
> Please excuse my ignorance. Would passwords be passed in clear text
> using basic auth?
Yes.
> Is there an authentication scheme that works
> without clear text.
Neither NTLM or Digest passes passwords over the wire.
Of the two Digest is preferred as it is a standard HTTP authentication
protocol without the design errors of NTLM and also provides a higher
level of protection for the users passwords. You probably want to use
Squid-2.5.STABLE3 or later however, and not all browsers support
Digest yet (most mainstream browsers does).
Both requires special password databases: local text file in case of
Digest, a NT Domain in case of NTLM. Squid never gets the users
password at all in these methods and thus can not integrate with
normal password databases requiring the actual password like done in
the basic scheme.
Regards
Henrik
-- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org If you need commercial Squid support or cost effective Squid or firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, info@marasystems.comReceived on Fri Jul 11 2003 - 02:11:12 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:17:56 MST