On Fri, 18 Nov 2005, Winfried Kuiper wrote:
> What do you mean with your answer "Sort of"?
That it can be done, with the quite significant limitations given later in
the same message and repeated again in this message using different words.
> Does that mean, that NTLM only works for the IE?
NTLM works for all browsers implementing NTLM authentication. At the time
the FAQ entry was written this was only MSIE, but nowdays NTLM support is
quite widespread.
> A cleartext password over WLAN in not secure.
Indeed.
> Is NTLM the right secure choice for all browser types?
Most, not all.
Digest has broader support, but
- Does NOT provide single-sign-on
- Does NOT integrate well with any existing user directory services.
> Does the new digest helper talk direct to the ldap server
> or does he only looks at al local textfile previous
> generated with one of the programs?
The new Digest helper can query a LDAP server for the Digest HA1 hash or
the clear text password.
> Is there a good description on how to use your new digest authentication
> helper?
There is a manual page. But first you need to understand that what the
helper is looking for is the Digest HA1 hash or clear text passwords, it
is not doing authentication to the directory like NTLM (NT Domains /
ADS) or Basic (almost anything) can do.
If you find the manual page short you are most welcome to extend it based
on your experiences with trying to use the helper, or to write a FAQ
entry.
Regards
Henrik
Received on Fri Nov 18 2005 - 07:45:26 MST
This archive was generated by hypermail pre-2.1.9 : Thu Dec 01 2005 - 12:00:10 MST