On 10/16/21 1:31 PM, Markus Moeller wrote:
I think you talk about a kdc proxy, which is for another case.
I don't think so. I'm not talking about using a proxy to access the KDC.
I'm talking about using a component of the following scenario:
1) Client uses traditional username and password
I see, I think this would mean using Basic Auth to proxy1 which then gets a
Kerberos ticket for the user to authenticate to proxy2. This is possible,
but I would not think it is a good secure option.
Regards
Markus
"Grant Taylor" wrote in message
news:a2070fca-07fd-9a67-3f23-551c1fe77...@s
On 10/17/21 10:46 AM, Markus Moeller wrote:
I see, I think this would mean using Basic Auth to proxy1 which then
gets a Kerberos ticket for the user to authenticate to proxy2. This is
possible, but I would not think it is a good secure option.
I think that we're now talking about the same fu
* Steve Hill :
> On 12/10/2021 09:34, Ralf Hildebrandt wrote:
>
> > > Quite sure, since I've been testing Squid-5-HEAD before it became 5.2
> > > But to be sure, I'm deplyoing it right now.
> >
> > Yep, squid-5.2 is also leaking.
>
> :(
>
> I'm now reasonably sure that mine is a recurrence of:
