Hi, > NTLM auth is horribly broken, however: > 1) It's currently the only auth scheme you can get SSO with > 2) It does not send the password in the clear over the wire > > Therefore, if you are already running a Windows domain on your > network, you might as well use NTLM auth with Squid.
>From the thread. I figure it would probably be easiest if I stick with NTLM. As it integrates with winbind. Digest would be a much prefer method, but to integrate it existing SSO would too much work me now 8) Actually the reason, that I want the popup is because I want selective users to able to access the web. Not just anyone that walks up to someone's workstation and being able to browse the net. Also I would like to keep track user's authentication for accounting purpose. I take it I need to replace "acl authusrs proxy_auth REQUIRED" with "acl authusrs userA, userB, ..., userZ"? Is there a way to keep these users in a different list? > Henrik and Robert, thank you for a very enlightening discussion, and Indeed. Thank you all for the technically enriched discussion. It is a good read. Regards, Norman
