CUPS interaction (authentication with LIBCUPS)

Michael R Sweet mike at
Mon Jun 6 23:08:07 GMT 2005

Andrew Bartlett wrote:
> ...
> You missed simo's point.  Simo was talking about a sane

No, I didn't, read below...

> implementation path for the server-side of the authentication
> problem.  Even without IPP clients, the admin interface could benefit
> from this, due to existing browser support for NTLM and 'Negotiate'

I agree, however we can't just settle for a 1/2 (or more like 1/3)
solution, we need a complete solution that can be used on all OS's
and in all situations.

 > ...
> Finally, the use of an external process to handle authentication
> would also benefit CUPS, because errors in the pam libs (something I
> have hit more often than I would prefer) would not stall out the
> entire cups deamon. (I finally tracked down long-running cups issues
> to bugs in pam_krb5).

I have no problem with people proposing patches to cupsd that would
allow it to use squid (or any other authentication API - we support
lots!) to do authentication, however our goal is not to add another
partial authentication solution (of which we have lots) but to come
up with something cross-platform (i.e. Linux, UNIX, MacOS, AND
Windows) that works on the client and server and handles proxy

In short, I don't believe that squid or any other existing
authentication framework addresses the client, server, and
proxy authentication cases we need.

Michael Sweet, Easy Software Products           mike at easysw dot com
Internet Printing and Publishing Software

More information about the samba-technical mailing list