On Sun, Apr 02, 2000 at 02:59:29PM +0200, Henrik Nordstrom wrote:
> To my knowledge there is no caching HTTP proxy capable of forwarding MS
> NTLM authentication.
>
Absolutely.
I've just been to a MS presentation of Windows2000 last week and they made a
big song-and-dance over how IIS 5.0 (in conjunction with IE5) supports
Digest Authentication. This was specifically supported to get around
problems with NTLM not been proxiable (if there is such a word!).
For those who haven't heard of it, Digest-Auth has been an option in Apache
for around 5 years and it similar to Basic Auth except that it's a one-way
encryption - similar to APOP. To work "invisibly" (like NTLM - user doesn't
have to enter usercode/password), it requires your Windows2000 Active
Directory to be configured with "reversable encryption" so that it can make
all this work.
More info than most of your wanted I guess ;-)
--
Cheers
Jason Haar
Unix/Network Specialist, Trimble NZ
Phone: +64 3 3391 377 Fax: +64 3 3391 417
Received on Mon Apr 03 2000 - 15:36:15 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:52:40 MST