Re: 'http->request->auth_user_request' Question

From: WA Support <>
Date: Fri, 03 Oct 2003 14:31:35 -0700

WA Support wrote:

> What I want to do is NOT require authentication, but have
> authenticateUserRequestUsername(http->request->auth_user_request)
> resolve to 'dash-str' by default. Then if a user wants to go into
> override mode, have squid send a 407 response to the browser and then
> keep record on that session by username from then on until the session
> terminates. This way, 'http->request->auth_user_request' will always be
> true, calls to my redirector will either have 'dash-str' or a username.

I now see the fallacy in this approach. There is no way for the user to
'interrupt' squid and tell it that he/she wants to go into override
mode, and there is no way for my redirector program to get information
back into squid since they are essentially independent. I think I am
correct in these assumptions, right?

This being the case, I don't need to know why

"someuser") == 0) {

is illegal when authentication is turned off.

The more I work on this task of trying to setup an override system for
my squid/squidGuard system and read the squid code, the more respect I
have for the squid developers, to say the least, but also for the coders
at N2H2 who have developed a very robust system (their Bess Squid Proxy)
that utlizes squid and has an elegant overide system. Unfortunately (fo
me), the N2H2 system is proprietary, and I don't have access to their
code :(

I know it can be done though since N2H2 has done it, so I will keep

Thanks for all the help,
Murrah Boswell
Received on Fri Oct 03 2003 - 15:28:21 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:20:43 MST