Yes, I guess you mean the fake_auth ntlm authenticator. But in my optinion
there is a problem with it: Mozilla now supports NTLM auth on all the
platform, but you are prompted for a login/passwd. With the fake_auth, you
can put whatever you want as there is no check. With MSIE, there is no
prompt so it's more difficult to spoof. And if you have a look inside this
fake_auth, you'll see some comment from the authors telling that it
shouldn't be used in production as it is a proof of concept authenticator.
---
Stéphane Davy - Consultant Alcôve
Hendrik Voigtländer
<hendrik@voigtlaenders Pour : sdavy@bics.fr
.net> cc : squid-users@squid-cache.org
Objet : Re: [squid-users] Réf. : [squid-users] Extract username and write it to the log file without
15/06/2004 17:41 NTLM?
sdavy@bics.fr wrote:
> But what is wrong with NTLM? If your users use MSIE, they won't be
prompted
> during authentication when using the NTLM scheme, it is transparent and I
> think this is what you want, isn't it?
>
> You'll need to setup Samba in order to have NTLM and authentication on
> Active Directory, but everything is in the Squid FAQ
>
Not really. I have done some successfull testing with NTLM-dummy
authenticators.
Who cares about the password if you just want the username? No need to
check it with Samba/AD.
Regards, Hendrik
Received on Wed Jun 16 2004 - 02:00:03 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Jul 01 2004 - 12:00:02 MDT