Thanks François. Like I said, I'll be configuring kerberos authentication later, that seems to work flawlessly (Haven't tested myself), but right now I need to use digest authentication. Thanks again.<br /><br />08:56, March 4, 2019, "François Cami via FreeIPA-users" &lt;freeipa-users@lists.fedorahosted.org&gt;:<br /><blockquote><p>On Mon, Mar 4, 2019 at 2:27 PM Rob Crittenden via FreeIPA-users<br />&lt;<a href="mailto:freeipa-users@lists.fedorahosted.org">freeipa-users@lists.fedorahosted.org</a>&gt; wrote:<br /></p><blockquote><br /> Edward Valley via FreeIPA-users wrote:<br /> &gt; Hello there. I'm trying to setup squid proxy to use FreeIPA as LDAP<br /> &gt; backend for user authentication. Everything works fine while using basic<br /> &gt; authentication. In order to use digest authentication I need users to<br /> &gt; have an specific password storage scheme (MD5 of user:realm:password<br /> &gt; combination). Can someone point me in the right direction on how to<br /> &gt; accomplish it? Coding a new plugin? Extending an already existing one?<br /> &gt; Configuring something? I've made some research and it seems everybody<br /> &gt; integrating squid with FreeIPA is using kerberos, but that's something<br /> &gt; I'll be doing lather. Thank you very much.<br /><br /> Digest auth generally requires the password to be available in the clear<br /> (or reversible), try to avoid it. I think you'd have a hard time trying<br /> to configure IPA to allow it and you'd be climbing far out on a limb if<br /> you manage to succeed.<br /><br /> rob<br /></blockquote><p><br />Also we have a page about squid+FreeIPA kerberos integration at:<br /><a href="https://www.freeipa.org/page/Squid_Integration_with_FreeIPA_using_Single_Sign_On">https://www.freeipa.org/page/Squid_Integration_with_FreeIPA_using_Single_Sign_On</a><br /><br />Please let us know if it does not provide what you need.<br /><br />François<br /><br /></p><blockquote> _______________________________________________<br /> FreeIPA-users mailing list -- <a href="mailto:freeipa-users@lists.fedorahosted.org">freeipa-users@lists.fedorahosted.org</a><br /> To unsubscribe send an email to <a href="mailto:freeipa-users-leave@lists.fedorahosted.org">freeipa-users-leave@lists.fedorahosted.org</a><br /> Fedora Code of Conduct: <a href="https://getfedora.org/code-of-conduct.html">https://getfedora.org/code-of-conduct.html</a><br /> List Guidelines: <a href="https://fedoraproject.org/wiki/Mailing_list_guidelines">https://fedoraproject.org/wiki/Mailing_list_guidelines</a><br /> List Archives: <a href="https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org">https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org</a><br /></blockquote><p>_______________________________________________<br />FreeIPA-users mailing list -- <a href="mailto:freeipa-users@lists.fedorahosted.org">freeipa-users@lists.fedorahosted.org</a><br />To unsubscribe send an email to <a href="mailto:freeipa-users-leave@lists.fedorahosted.org">freeipa-users-leave@lists.fedorahosted.org</a><br />Fedora Code of Conduct: <a href="https://getfedora.org/code-of-conduct.html">https://getfedora.org/code-of-conduct.html</a><br />List Guidelines: <a href="https://fedoraproject.org/wiki/Mailing_list_guidelines">https://fedoraproject.org/wiki/Mailing_list_guidelines</a><br />List Archives: <a href="https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org">https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org</a><br /></p></blockquote>