CUPS interaction (authentication with LIBCUPS)
Michael R Sweet
mike at easysw.com
Mon Jun 6 23:08:07 GMT 2005
Andrew Bartlett wrote:
> ...
> You missed simo's point. Simo was talking about a sane
No, I didn't, read below...
> implementation path for the server-side of the authentication
> problem. Even without IPP clients, the admin interface could benefit
> from this, due to existing browser support for NTLM and 'Negotiate'
> (GSS-SPNEGO/GSSAPI).
I agree, however we can't just settle for a 1/2 (or more like 1/3)
solution, we need a complete solution that can be used on all OS's
and in all situations.
> ...
> Finally, the use of an external process to handle authentication
> would also benefit CUPS, because errors in the pam libs (something I
> have hit more often than I would prefer) would not stall out the
> entire cups deamon. (I finally tracked down long-running cups issues
> to bugs in pam_krb5).
I have no problem with people proposing patches to cupsd that would
allow it to use squid (or any other authentication API - we support
lots!) to do authentication, however our goal is not to add another
partial authentication solution (of which we have lots) but to come
up with something cross-platform (i.e. Linux, UNIX, MacOS, AND
Windows) that works on the client and server and handles proxy
authentication.
In short, I don't believe that squid or any other existing
authentication framework addresses the client, server, and
proxy authentication cases we need.
--
______________________________________________________________________
Michael Sweet, Easy Software Products mike at easysw dot com
Internet Printing and Publishing Software http://www.easysw.com
More information about the samba-technical
mailing list