Re: Proposed extension to the NTLM helper protocol from Robert Collins on 2004-11-05 (squid-dev)

From: Robert Collins <robertc@dont-contact.us>
Date: Sat, 06 Nov 2004 12:26:11 +1100

On Sat, 2004-11-06 at 12:24 +1100, Andrew Bartlett wrote:
> I wish to propose an extension to the NTLM helper/squid protocol, such
> that a squid redirector, or a external ACL helper, may access the list
> of groups.
>
> A new command to ntlm_auth, UG, would request the list of user groups
> from the last authentication. This uses the fact that in NTLM and
> SPNEGO authentication, the authentication produces the group list, that
> should be valid for a particular session.

It shouldn't be a new command. The cookie should just be returned with
the auth. (Anything else races hugely with overlapped requests).

Rob

-- 
GPG key available at: <http://www.robertcollins.net/keys.txt>.

application/pgp-signature attachment: This is a digitally signed message part

Received on Sat Nov 06 2004 - 01:07:33 MST

This archive was generated by hypermail pre-2.1.9 : Tue Nov 30 2004 - 12:00:03 MST