The authentication is in clear text because it uses the "basic" http
authentication scheme. The authentication to the MS server may be encrypted
but the credentials from the user to squid will always be in clear text.
<shameless promotion mode>
There is another http authentication scheme 'NTLM' that does not use clear
text at any point in the process and also authenticates to a MS domain
controller/SAMBA server. An implementation of it for squid is currently at
beta quality, (at least three sites are using it in production to one degree
or another).
for more information search the mailing list archives for NTLM or see
http://squid.sourceforge.net/ntlm
Rob
----- Original Message -----
From: "Jean-François Bach" <jfb@step.es>
To: <squid-users@ircache.net>
Sent: Monday, November 27, 2000 9:36 PM
Subject: [SQU] Encrypting SMB autentication
> Hi,
>
>
> I have squid version 2.2 stable 5 with smb_auth installed.
>
> I have read that the autentication is done through clear text.
>
> Is there a way to encript the autentication process ?
>
> If possible, can someone indicate me where to find the information about
> ?
>
> Thank you
>
> --
> To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
>
>
-- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Mon Nov 27 2000 - 03:05:58 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:56:35 MST