[Typo3-dev] S: Sponsoring Windows authentification in TYPO3
Martin T. Kutschker
Martin.no5pam.Kutschker at blackbox.n0spam.net
Tue Aug 31 15:20:49 CEST 2004
Hans J. Martin wrote:
>>So this extension does _not_ provide _any_ authentification.
>>NTLM and/or Kerberos authentification must use the authentification server
>>(ADS for example).
>
> Yes, you're right. This is why the extension is set to experimental. See
> this just as an example of how to get the browser to send the ntlm packets.
> Moreover there is no need to sniff the packets - just logon in windows with
> an existing FE_user and any password and you're in...
>
> As I stated before this should be seen as starting point. Further
> development shoud implement encryptioin of stored password. In this way you
> can create a random nonce which you send to the browser and compare the
> returned hashes with the generated ones.
Do we really need this. because...
> Or maybe you can make a kind of proxy - like samba and squid - to make an
> real authetication with an authentification server...there are many
> possibilities.
... a proxy is IMHO the cleaner approach.
Masi
More information about the TYPO3-dev
mailing list