Re: [squid-users] Re: secure authentication on squid

From: Henrik Nordstrom <[email protected]>
Date: Fri, 22 Nov 2002 08:51:26 +0100

Ilya wrote:

> Thanks, I`ll read. But it is more interesting: how can I tune
> squid to use digest authentication?

See configure --help and squid.conf.

> And one more. If squid was tuned to use digest auth, then it
> saves/looks for username/password in its database. Or am I
> wrong? You know, in my situation username/password are stored
> on LDAP server, and squid checks them using external
> program(authentication_program)

Digest authentication requires Squid to have access to either

 * The users plaintext password

 * A specific Digest hash of the users password

Squid never gets the password from the user in Digest authentication.
Because of this it cannot easily integrate with non-Digest password
databases like a standard LDAP directory as this requires Squid to get
the users plaintext password from the browser so it can use this to log
on to the LDAP directory service.

Regards
Henrik
Received on Fri Nov 22 2002 - 00:46:02 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:31 MST