Re: [squid-users] ldap auth & Novell problem

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Thu, 12 Sep 2002 19:40:44 +0200

Matt Kehler wrote:

> re: a replacement for 'clntrust' for squid....I would throw out my
> credit card for that in a second! somebody, anybody! We're in the same
> boat here. We want to use squid, but need passthrough auth from NDS.

clnttrust is a method whereby the client IP will be authorized by the
server, right?

Not really authentication in the normal sense I guess.

One similar alternative you have as an option today without any
programming is to install a ident service on your client stations. This
will allow Squid to query who the logged on user is.

The drawback is the weakness of the ident protocol. To have any form of
trust in ident you must be able to trust the client workstations. If
your users are hacker kind of users this obviously will not be the
case..

Regards
Henrik
Received on Thu Sep 12 2002 - 11:44:58 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:18 MST