[plug] [OT] XP Remote
Jay Turner
jturner at bsis.com.au
Mon Aug 23 14:34:29 WST 2004
> > You can use Squid with the Samba Winbind helper to have Squid
> authenticate
> > users against an ADS or standard domain (Samba3 supports
> Kerberos which is
> > required if connecting to a Win2003 Server). Only IE 5.5+ supports NTLM
> > 'transparent' user credentials being passed from the browser to
> the proxy.
> > All other browsers will use basic authentication resulting in
> an input box
> > being displayed on the screen and the user details being sent clear text
> > from the browser to the proxy.
>
> OK. So currently what I'm thinking of is not availible. I wasn't able to
> find anything about it on Google either.
I wasn't really talking to what you had asked persay.. I was just filling in
details on what authentication methods were available using Squid and a
browser that I was aware of.. hope i wasn't misleading.
> I don't need it here, but may in future. Essentially, I'd like to be
> able to set things up so that the browser uses Kerberos to authenticate
> with the proxy, so the proxy can make per-userid policy decisisons
> without requiring an extra user-visible authentication stage. Much like
> NTLM under Windows, in fact.
>
> If the browser support for using Kerberos to authenticate with the proxy
> doesn't exist, though, that won't really do any good.
>
> Regarding browser support, I'm pretty sure that recent Mozilla and
> Firefox versions also support NTLM for authentication with a
> Windows proxy.
That's cool... I didn't know that...
I haven't had to set up a Squid with NTLM for a little while now and most
environments our servers are in use IE anyway, so it hasn't been a big
issue.. That is interesting to know though and I will keep it in mind for
the future..
thanks for that..
More information about the plug
mailing list