CUPS interaction (authentication with LIBCUPS)

Andrew Bartlett abartlet at
Mon Jun 6 23:23:01 GMT 2005

On Mon, 2005-06-06 at 16:08 -0700, Michael R Sweet wrote:
> Andrew Bartlett wrote:
> > ...
> > You missed simo's point.  Simo was talking about a sane
> No, I didn't, read below...
> > implementation path for the server-side of the authentication
> > problem.  Even without IPP clients, the admin interface could benefit
> > from this, due to existing browser support for NTLM and 'Negotiate'
> I agree, however we can't just settle for a 1/2 (or more like 1/3)
> solution, we need a complete solution that can be used on all OS's
> and in all situations.

> In short, I don't believe that squid or any other existing
> authentication framework addresses the client, server, and
> proxy authentication cases we need.

Of course they don't.  Kerberos is one of the few technologies that
seems to even start down this road in a sensible manner, and even it is
a right royal pain to setup.

Particularly when you start down the 'and it must be supported by
Windows IPP', I really don't think you have any good options.  I just
hope that we can do better 'host to host' then basic auth.  (And I would
not look to HTTP for innovation in this area).  

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 
Student Network Administrator, Hawker College
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list