> Chemolli Francesco (USI) wrote:
>
> > I fear not. Think what happens with NTLM: in this case the only
> > kind of forwarding you can do is pass-through.
> > This works, of course, but still doesn't work for my needs. An
> > X-Squid-Authenticated-User: username
> > and
> > X-Squid-Originating-Client: ip_address
>
> A better choinse is perhaps to translate it to basic with a shared
> secret password... this has the benefit that it is a known mechanism
> which is well understood by servers.
That might work. Maybe some magic in the cache_peer options (i.e.
login=@USER@:sharedpassword)
But then we'd lose the information on the originating IP, so
some extenede header could be a viable choice anyway.
Also, maybe having some way to customize the logfile format (a la Apache)
might help. If you want, I can try and do that.
> As I said the whole concept of how to configure accelerators should be
> reworked, preferably using the cache_peer concept which would
> add space
> for options like this amongs other things..
Never used Squid as an accelerator :-)
This was just to split the load in a two-tier architecture: first tier - ACL
checking.
Second tier - caching.
-- /kinkieReceived on Tue Dec 19 2000 - 00:54:00 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:13:05 MST