Edward Valley via FreeIPA-users wrote:
Hello there. I'm trying to setup squid proxy to use FreeIPA as
LDAP
backend for user authentication. Everything works fine while using basic
authentication. In order to use digest authentication I need users to
have an specific password storage scheme (MD5 of user:realm:password
combination). Can someone point me in the right direction on how to
accomplish it? Coding a new plugin? Extending an already existing one?
Configuring something? I've made some research and it seems everybody
integrating squid with FreeIPA is using kerberos, but that's something
I'll be doing lather. Thank you very much.
Digest auth generally requires the password to be available in the clear
(or reversible), try to avoid it. I think you'd have a hard time trying
to configure IPA to allow it and you'd be climbing far out on a limb if
you manage to succeed.
rob