Re: Proxy authentication with external programs (BETA version)

From: Lee Shakespeare <>
Date: Fri, 13 Feb 1998 14:00:14 +0000

Dancer wrote:
> Doesn't PICS rely on squid actually parsing the returned object and not just
> the headers? (I've not much experience with PICS, but I thought the document
> has to be checked for PICS codes, which violates squid's transfer-model, as
> I understand it).

After looking through things again, it appears I wasn't 100% correct :)
Serves me right for not reading the authentication protocol further. I
assumed that it included the requested URL, after reading it again I've
noticed that it doesn't.

[Aside, this is very similar to the ZDAC authentication method used by
the Zeus web server (, which I have used in the

What I really wanted to do, was use squid to access the PIC's content
databases at sites such as Netshepard. (
You can currently do this with IE browsers. The browser queries the
PICs database and gets a rating back which it compares with the
acceptable restrictions in place. Unfortunately, there isn't any
support yet in Netscape browsers and it would be better administered at
the proxy server than at the browser anyway.

Could we include the requested URL as part of the authentication
protocol. Then the authoriser could query the PIC's database, lookup
the local settings based on the supplied username, then decided if the
URL is allowed. Local authorisers could ignore the URL field.

Received on Fri Feb 13 1998 - 06:15:14 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:38:52 MST