Re: [squid-users] Clear text passwords

From: Serassio Guido <guido.serassio@dont-contact.us>
Date: Mon, 08 Aug 2005 20:48:09 +0200

Hi,

At 20.30 08/08/2005, Corey Tyndall wrote:

>I have setup squid to authenticate to our Active Directory
>LDAP. Are these passwords being passwd in clear text between the
>browser and LDAP?

LDAP authentication is based on Basic authentication schema. With
Basic authentication passwords are encoded using base64, like clear text.

> If so is there anyway around it?

Nothing to do with basic authentication.

NTLM and Digest authentication schemas doesn't use clear text password.

You can try NTLM against Active Directory, but Samba 3 is required on
proxy machine.

Regards

Guido

-
========================================================
Guido Serassio
Acme Consulting S.r.l. - Microsoft Certified Partner
Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY
Tel. : +39.011.9530135 Fax. : +39.011.9781115
Email: guido.serassio@acmeconsulting.it
WWW: http://www.acmeconsulting.it/
Received on Mon Aug 08 2005 - 12:48:23 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Sep 01 2005 - 12:00:01 MDT