Yes, I guess you mean the fake_auth ntlm authenticator. But in my optinion
there is a problem with it: Mozilla now supports NTLM auth on all the
platform, but you are prompted for a login/passwd. With the fake_auth, you
can put whatever you want as there is no check. With MSIE, there is no
prompt so it's more difficult to spoof. And if you have a look inside this
fake_auth, you'll see some comment from the authors telling that it
shouldn't be used in production as it is a proof of concept authenticator.
--- Stéphane Davy - Consultant Alcôve Hendrik Voigtländer <hendrik@voigtlaenders Pour : sdavy@bics.fr .net> cc : squid-users@squid-cache.org Objet : Re: [squid-users] Réf. : [squid-users] Extract username and write it to the log file without 15/06/2004 17:41 NTLM? sdavy@bics.fr wrote: > But what is wrong with NTLM? If your users use MSIE, they won't be prompted > during authentication when using the NTLM scheme, it is transparent and I > think this is what you want, isn't it? > > You'll need to setup Samba in order to have NTLM and authentication on > Active Directory, but everything is in the Squid FAQ > Not really. I have done some successfull testing with NTLM-dummy authenticators. Who cares about the password if you just want the username? No need to check it with Samba/AD. Regards, HendrikReceived on Wed Jun 16 2004 - 02:00:03 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Jul 01 2004 - 12:00:02 MDT