'http->request->auth_user_request' Question

From: WA Support <support@dont-contact.us>
Date: Fri, 03 Oct 2003 11:19:43 -0700

I have been reading rfc2617: HTTP Authorization, and understand the 407
(Proxy Authentication Required) response given by squid if configuration
is set for authorization.

If I have squid configured to NOT require authentication, how does the
following block of code I added to redirectStart() break squid? That
is, I get 'page cannot be displayed' error for every url when I have
this statement in and authentication turned off.

      if
(strcmp(authenticateUserRequestUsername(http->request->auth_user_request),
"someuser") == 0) {
                handler(data, NULL);
                return;
        }

I figure it has something to do with the argument to
authenticateUserRequestUsername(), right?

Also, what does

assert(auth_user_request != NULL);

do in authenticateUserRequestUsername()?

Do I understand rfc2617 correctly that the 407 response from a proxy
just directs the browser to request a username:password pair from the
client? And then the proxy decodes the return header from the browser
and passes the username:password pair to an authentication routine
(ncsa_auth in my case when I have squid configured for authentication),
right?

If I am correct so far, once/if squid gets an OK response back from
ncsa_auth, does squid keep record of the username in some kind of
structure, or does squid have to query the browser each time for the
username that has been authenticated for the current session? That is,
is http->request->auth_user_request a query to the browser, or is
'http->request->auth_user_request' part of a structure that squid is
maintaining?

What I want to do is NOT require authentication, but have
authenticateUserRequestUsername(http->request->auth_user_request)
resolve to 'dash-str' by default. Then if a user wants to go into
override mode, have squid send a 407 response to the browser and then
keep record on that session by username from then on until the session
terminates. This way, 'http->request->auth_user_request' will always be
true, calls to my redirector will either have 'dash-str' or a username.

Thank you,
Murrah Boswell
Received on Fri Oct 03 2003 - 12:16:30 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:20:43 MST