ons 2007-04-25 klockan 13:23 -0400 skrev Brian Kirk:
> I have installed the ntlm_ip_cache patch, and as suspected the first
> person to connect cisco cs 11501 (load balancer), gets in and everyone
> for the authenticate_ip_shortcircuit_ttl time is then logged in as
> that person.
If they all come from the same IP yes.
> Is there any way to make the NTLM act more like basic authentication
> in that once the authentication is done, it doesn't occur for each
> page or image loaded?
Thats the exact opposite of Basic... Basic authentication happens on
each and every request. But as it's always the same Squid can cache the
validity and don't need to query the helper all the time.
NTLM is a challenge-response scheme, and each new connection means an
unique authentication exchange of which the final step needs to travel
all the way up to the domain controllers to get verified...
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Tue May 01 2007 - 12:00:01 MDT