Just an idea, Would it be possible to do this by creating a random name for the login/PW form controls using say PHP? therefore (as I understand it) IE et al would not be able to offer an entry to an unknown form control. I assume it sees "login", recognises the typed name and looks up the PW from it's database. Of course I may be way wrong! :-) Maybe a random page title would work in just the same way?
Kind regards Adrian Wells ----- Original Message ----- From: "Henrik Nordstrom" <[EMAIL PROTECTED]> To: "Martyn Bright" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, September 23, 2004 11:56 AM Subject: RE: [squid-users] Squid and Apache Authentication > On Thu, 23 Sep 2004, Martyn Bright wrote: > > > A specific external site (that I do not control) the users need is https and > > not available via the remote proxy - squid goes to it directly. > > > > I need the users to authorize before they connect to this specific site. > > Unfortunately with basic auth, IE helps(!!!) by offering to remember the > > users password details. I cannot allow this as the clients are accessible > > by the public and must not be able to get to the secure site without having > > to type in a password. I know I can disable this IE helper functionality in > > windows, but that will stop it for all sites which is not what I want. > > > > I figured that if I pass authentication control to a web page of my own, I > > should be able to stop IE from interfering. > > Not really. If IE understands this page contains a password form it still > allows you to save the password... > > And since the site is using https the proxy has no means of modifying the > requests or add/delete any information while forwarding the request. All > the proxy sees is that the browser wants to connect and do something at > the requested side, nothing more. > > If the site was using http then Squid would be able to use other means of > providing the authentication credentials, but with https sites the > encryption considerably limits the man-in-the-middle capabilities. > > Regards > Henrik >
