we want to use LDAP Digest Authentication but the Product Guide doesn't tell a lot about to realize it.
What is needed to be configured on the LDAP Server?
Which attribute saves the hash?
Where is the hash created?
How to create the the hash and save them on the LDAP?
Thank u a lot!
We use MWG 22.214.171.124.
I am not sure if this is exactly helpful because I have never set up LDAP Digest Authentication but the implementation is oriented on the implementation on Squid:
So the link to the Squid Wiki might give you some input to get started. It shows what is required on the LDAP Server side (OpenLDAP is used in the example).
thank u very much.
This seems ...
Also for every User it is needed to create the digest hash and save it in the LDAP Attribut?
And when the User change his Password a new hash has to be manually created?
The MWG just hash the client credentials and compare this with the stored hash in the LDAP ?
yes, a hash of user password has to be created and auto-updated on the LDAP server. Digest authentication is a bit more secure than basic since client credentials are not transferred as plain text, but I would recommend using other methods if you configure everything from scratch and do not migrate from squid.