[squid-users] question about secure proxy authentication

From: Lista Squid <l-squid@dont-contact.us>
Date: Wed, 05 Dec 2001 16:37:16 -0300

Hi!

I have a network with a firewall and a machine with squid-proxy behind it.
I've different classes of users, with different restrinction levels...
and we use a central point of validation (Ldap )...
The internal users are using the proxy for authentication.
Everything is working fine.

But now, I need to make the authentication process more robust, without
having to send the user password in cleartext.
I´m trying to avoid using cleartext passwords on the net, so I want to
avoid to my users from sniffing the wire in order to obtain user passwords
(and I can't buy a switch :(( )

I´ve tried implementing HTTP digest authentication method, but i´d a
problem with netscape 4.x/6.x and other browsers that aren't supporting
this method.

Does anybody know how can I replace this method with something more secure?
If you have some kind of recommendation... let me know ...

TIA .
Received on Wed Dec 05 2001 - 12:37:01 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:14 MST