----- Original Message -----
From: "Chemolli Francesco (USI)" <ChemolliF@GruppoCredit.it>
To: "'Henrik Nordstrom'" <hno@hem.passagen.se>; <squid-dev@squid-cache.org>
Sent: Thursday, July 05, 2001 6:39 PM
Subject: RE: External group concept
> > It is about time to start thinking about how to implement external
> > groups.
> >
> > As discussed earlier (see squid.sourceforge.net/ntlm/ for one achive)
> > two concepts are needed
> >
> > a) Groups as returned by the authenticator
>
> This requires us to extend the squid-authenticators protocol.
> Not that big a deal for NTLM, but the basic authenticators use a way
> too much primitive protocol.
>
>
> > b) Other groups, verified by a separate helper using
> > "ident/login, IP,
> > browser"
>
> I'd like this. Esp since it would allow for very aggressive caching, and
> thus
> good performance.
No better or worse than coupled to the authenticator. I like decoupling
though because it makes more sense (ie if you run basic && ntlm && digest on
a site, why have all the authenticators returning group info! - most sites
will have a single enterprise user directory available).
Rob
Received on Thu Jul 05 2001 - 07:51:56 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:14:05 MST