On 05/03/11 05:41, Markus Moeller wrote:
> Do you have an idea how such a wrapper would work ?
>
> The issue I see is that the wrapper helper must do the same process
> management as squid. Which I think is quite some duplication.
>
> Markus
>
Squid already does the tri-state response handling similarly for
Negoatite and NTLM auth schemes. The blob decoding and response state is
entirely up to the helper.
I think the wrapper just needs to decode the blob and do either NTLM
challenge+validate or Kerberos validate on the result depending on what
detail it gets.
A flag internally to determine that an NTLM validate is the next state
after challenge will be needed to avoid sending NTLM challenge then
validating the follow-up with Kerberos.
"Simples", as the rat said to the piper.
Amos
>> -----Messaggio originale-----
>> Da: Henrik Nordström
>>
>> ons 2010-04-07 klockan 20:27 +0100 skrev Markus Moeller:
>>
>> > Would it make sense to define in squid two new configuration options to
>> > control Negotiate authentication ? I am thinking of adding
>> >
>> > Negotiate-NTLM
>> >
>> > and
>> >
>> > Negotiate-Kerberos
>>
>> I would prefer a wrapper helper doing this selection.
>>
>> Regards
>> Henrik
>
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.11 Beta testers wanted for 3.2.0.5Received on Sat Mar 05 2011 - 00:30:06 MST
This archive was generated by hypermail 2.2.0 : Sat Mar 05 2011 - 12:00:02 MST