[prev in list] [next in list] [prev in thread] [next in thread]
List: squid-users
Subject: [squid-users] LDAP_Auth questions
From: Wolfgang Grim <grim () banet ! at>
Date: 2013-01-25 6:40:58
Message-ID: D7758F5DFB82FC4BB69741012299848A0BF1627DA5 () banetexch
[Download RAW message or body]
Dear Community,
I successfully set up a LDAP authentication between squid and a windows 200=
8 server domain controller. The following problem exists:
# Users are able to use http and https. When they are not explicitly enter =
https://<url> the http protocol will be used
# Because the auth is basic_ldap_auth all passwords are then transmitted in=
clear text.
I thought of the two solutions because of that challange:
# Redirect auth traffic (or all traffic) from HTTP to HTTPs, I did a lot of=
internet research abou this but did not find any solution
# I read a hint on http://serverfault.com/questions/151672/the-story-of-sec=
ure-user-authentication-in-squid that you should be able to mix digest and =
auth programs, but this does not work, obviously because the squid server i=
s (fortunetely) not able to reverse the MD5 string it get's from the client=
to clear text passwords
Any help is highly appreciated.
Best regards!
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic