On Mon, Mar 4, 2019 at 2:27 PM Rob Crittenden via FreeIPA-users
<freeipa-users(a)lists.fedorahosted.org> wrote:
Edward Valley via FreeIPA-users wrote:
> Hello there. I'm trying to setup squid proxy to use FreeIPA as LDAP
> backend for user authentication. Everything works fine while using basic
> authentication. In order to use digest authentication I need users to
> have an specific password storage scheme (MD5 of user:realm:password
> combination). Can someone point me in the right direction on how to
> accomplish it? Coding a new plugin? Extending an already existing one?
> Configuring something? I've made some research and it seems everybody
> integrating squid with FreeIPA is using kerberos, but that's something
> I'll be doing lather. Thank you very much.
Digest auth generally requires the password to be available in the clear
(or reversible), try to avoid it. I think you'd have a hard time trying
to configure IPA to allow it and you'd be climbing far out on a limb if
you manage to succeed.
rob
Also we have a page about squid+FreeIPA kerberos integration at:
https://www.freeipa.org/page/Squid_Integration_with_FreeIPA_using_Single_...
Please let us know if it does not provide what you need.
François
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
> Fedora Code of Conduct:
https://getfedora.org/code-of-conduct.html
> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...