RE: [squid-users] ntlm authentication

From: Adam Aube <>
Date: Mon, 13 Oct 2003 09:23:41 -0400

> 1) In what format client passes username|password to squid
> when ntlm authentication is used? In http-header, in base64
> coding?

I honestly don't know. The source for the wb_ntlmauth helper may tell
you. Microsoft may have some info on it, as well.

> 2) Does every http-response contain user`s username &
> password when ntlm authentication is used?

Yes, although (as Henrik pointed out) the browser sends the NTLM hash,
not the password.

Received on Mon Oct 13 2003 - 07:23:44 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:20:28 MST