[squid-users] Re: squid_ldap_group authorisation of 2000 AD Groups

From: Adam Aube <aaube01@dont-contact.us>
Date: Thu, 02 Dec 2004 18:14:25 -0500

Adam Aube wrote:

> Oliver Hookins wrote:
>
>> Here's the real question - is it actually possible to have group
>> AUTHORISATION without requiring the user to enter any login details
>> (AUTHENTICATION), i.e. the username comes from Windows or something?
>
> How is Squid supposed to check for membership in a group if it has no
> username to check the membership of?

There is support for NTLM (aka Windows Integrated Authentication), but it
has some limitations:

1) It only fully works with IE
2) NTLM-over-HTTP is horribly broken - see the list archives for details

Adam
Received on Thu Dec 02 2004 - 16:20:13 MST

This archive was generated by hypermail pre-2.1.9 : Sat Jan 01 2005 - 12:00:01 MST