My sincere thanks to Amos for his deep insight and to Eugene for his
practical advice. This was of great help for me, and I think will help
future googlers as well.
Amos says:
> Popups you are trying to avoid is a browser feature. It is 100% up to
> the client to use the password manager and/or operating system settings
> which prevent it being needed.
You're right of course. Having no control over PC settings, I will try
to find the combination of offered mechanisms that gives the best
result, with the existing set of PCs and OSs.
> NTLMv1 would "work" because it allowed automatic
> down-grade of the security level to one of those broken (8-bit
> security!) mechanisms
Argghhhhhh... I didn't realize it was so broken.
> Hope this clarifies everything for you.
Yes, thank you a lot. I see it's not an obvious choice and I want to
meditate some more, for now it seems that samba4 ntlm_auth + [some
helper for authorization] could be my choice. I will try to keep basic
auth clients in some kind of ghetto and never worry about digest auth.
I will share here my final and tested configuration.
Thanks again,
Bergonz
-- Ing. Michele Bergonzoni - Laboratori Guglielmo Marconi S.p.a. Phone:+39-051-6781926 e-mail: bergonz_at_labs.it alt.advanced.networks.design.configure.operateReceived on Tue Jul 16 2013 - 15:37:28 MDT
This archive was generated by hypermail 2.2.0 : Tue Jul 16 2013 - 12:00:17 MDT