Re: [squid-users] Squid Auth question for machines not belonging to a AD domain

From: Henrik Nordstrom <henrik_at_henriknordstrom.net>
Date: Tue, 03 Nov 2009 02:46:01 +0100

mån 2009-11-02 klockan 23:42 +1300 skrev Amos Jeffries:

> IME, I think sending the correct realm or domain in the NTLM or
> Negotiate auth headers may prevent clients attempting auth with a known
> mechanism if they are not part of the domain.

If Microsoft had thought about using the required realm parameter in
their NTLM and Negotiate over HTTP schemes maybe, but as it is now those
two "smells like HTTP auth but is not" authentication schemes do not
support realms and will probably never do.

Regards
Henrik
Received on Tue Nov 03 2009 - 01:46:06 MST

This archive was generated by hypermail 2.2.0 : Tue Nov 03 2009 - 12:00:02 MST