socket interface to winbindd
Andrew Bartlett
abartlet at samba.org
Thu Jun 23 22:51:53 GMT 2005
On Thu, 2005-06-23 at 22:46 +0000, Alexey Toptygin wrote:
> On Fri, 24 Jun 2005, Andrew Bartlett wrote:
>
> >> I have some questions about the WINBINDD_PAM_AUTH_CRAP command, and about
> >> the interface in general:
> >
> > The interface in general may change, and it is strongly suggested that
> > you should use ntlm_auth as the wrapper for that interface, unless you
> > have a very, very good reason not to.
>
> Well, I'm calling from inside a threaded webserver... I don't think
> it would be very efficient to be calling system(3) all the time.
Look at how squid and mod_ntlm_winbnd in lorikeet svn does this.
ntlm_auth may be kept around as long as you want.
> > What protocol are you implementing anyway?
>
> NTLM HTTP Auth, for a server other than apache.
Then you really don't want to re-implement NTLMSSP. Use ntlm_auth,
that's what it was built for.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc. http://suse.de
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20050624/7d995fea/attachment.bin
More information about the samba-technical
mailing list