Re: [squid-users] FakeAuth windows build?

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 05 Nov 2009 22:27:06 +1300

Dion Beauglehall wrote:
> Hi,
>
> I am looking to provide an "invisible" challenge to users broswers to get
> their user/password details and authenticate that against LDAP.
>
> I notice that in the v3 (or 3.1?) build of Squid, the FakeAuth helper has an
> option to strip the domain from windows users, which should do what I want.
> However, there is currently no Windows build available with this option.
>
> Now, I don't want to put undue stress on anyone (because I appreciate you
> are (nearly?) all volunteers), so I don't mind, but I am wondering if anyone
> is able to either:
>
> a) be willing to compile and provide a windows executable of a versions of
> FakeAuth which has the -S (strip domain) option (assuming it will work with
> Squid 2.7 - I am willing to give it a go if no-one sees a reason why not)
>
> or
>
> b) give some guidelines how I can build/compile just the FakeAuth helper for
> windows (given I haven't done any decent C programming in over a decade, and
> even that was small-fry stuff...).

All volunteers here. If you are able to spare a bit of coinage I woudl
recommend throwing it towards Guido of Acme Consulting for a binary
build. That will also go a small way towards helping the Windows port
stay afloat.
http://squid.acmeconsulting.it/

>
> Alternatively - any other options of providing an "invisible" challenge to
> users, which I can then authenticate against LDAP?

There is no such thing as an invisible challenge. Squid makes all
challenges in the same way. Whether the browser informs the user about
requests for their login credentials is up to the browser.

I very much doubt you will be able to get a good browser that passes
unencrypted info on demand like that. If I understand your other emails
LDAP is sending the username/password to Squid.

NTLM only manages the silent way accepted because the username/password
are not transferred.

Also, Fake Auth is designed to accept a user that presses enter twice in
the login box.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE7 or 3.0.STABLE20
   Current Beta Squid 3.1.0.14
Received on Thu Nov 05 2009 - 09:27:29 MST

This archive was generated by hypermail 2.2.0 : Thu Nov 05 2009 - 12:00:03 MST