[prev in list] [next in list] [prev in thread] [next in thread] 

List:       squid-users
Subject:    Re: [squid-users] ldap_auth
From:       Henrik Nordstrom <henrik () henriknordstrom ! net>
Date:       2008-05-31 23:12:35
Message-ID: 1212275555.26241.31.camel () henriknordstrom ! net
[Download RAW message or body]


On fre, 2008-05-30 at 09:50 -0400, Chris Riggins wrote:
> No, it is possible to use digest authentication to avoid
> cleartext passwords.  The squid wiki link Henrik sent out is a good
> start, but it leaves out one critical piece:  how to encode the
> passwords!  In either LDAP or a flat-file, I found only one site
> online with instructions, and they were 100% wrong.

Plain-text or H(A1) from RFC2617, depending on how you use the helper..

H(A1) is MD5("user:realm:password"), printed in normal HEX encoding.


Regards
Henrik

["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]