[squid-users] Re: Kerberos

From: Markus Moeller <huaraz_at_moeller.plus.com>
Date: Mon, 17 May 2010 06:30:23 +0100

Hi Matthew,

  I think you are a bit confused. AD offers a Kerberos and ldap service.
OpenDirecttory or eDirectory is just ldap and has nothing to do with
Kerberos (as far as I know). You can use AD, MIT Kerberos, Heimdal Kerberos
or any other Implementation (e.g. Solaris based) for authentication with
squid.

Regards
Markus

"Matthew Smith" <mps_at_utas.edu.au> wrote in message
news:AB612D11-33B4-442C-8779-3EA2EF75AABA_at_utas.edu.au...
Hi Amos,

Thanks for the reply, you have left me very confused, though. We are talking
about MIT's kerberos, right?

http://en.wikipedia.org/wiki/Kerberos_(protocol)

My understanding is that kerberos is a protocol for authentication, and
other directory services (like Mac OS X's OpenDirectory) support it as well
as AD.

Thanks for the link to the wiki, I had a quick look through, and I'll see if
I can get it going with AD as a test. Does anyone know if any other
directory services that implement Kerberos are supported? I'd like to see if
I can get it to work with OpenDirectory or maybe Novell eDirectory.

Thanks for the help!

Matt Smith

On 17/05/2010, at 1:57 PM, Amos Jeffries wrote:

> On Mon, 17 May 2010 11:15:06 +1000, Matthew Smith <mps_at_utas.edu.au> wrote:
>> Hi!
>>
>> I have been trying to find out some info on kerberos auth and squid, but
>> most of my searching points to setting up kerberos for single signon
> with
>> windows AD. Are other directory services supported? If so, which? Also
> does
>> anyone know of some good beginner style resources for setting up kerb
> auth
>> with squid?
>
> That would be because the protocol is a proprietary one by Microsoft.
> Non-microsoft software would tend to lean towards other free alternatives.
>
> Have you seen the wiki Kerberos pages?
> http://wiki.squid-cache.org/ConfigExamples/Authenticate/Kerberos
>
> Amos
Received on Mon May 17 2010 - 05:30:47 MDT

This archive was generated by hypermail 2.2.0 : Wed May 19 2010 - 12:00:06 MDT