2) Does every http-response contain user`s username & password
when ntlm authentication is used?
No. NTLM-over-http is not a HTTP authentication scheme, it
only tries to masquerade itself as looking like one at first
glance..
Then how does squid define whether a current http-request
belongs to an authorized user or not? In HTTP authentication
scheme each http-request contains username|password, which
help squid (or authentication helper) to identify user.
wbr,
Ilya
Received on Mon Oct 13 2003 - 10:01:54 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:20:28 MST