James Porter wrote:
> authorized user data fits in the SQUID log with no success. Is the SQUID
> standard access.log file omitting this data? The ITEM 1 line is from a
> .HTACCESS protected directory and yet I cannot find a user field.
Squid logs user names if the user is authenticated by Squid. It won't
show user names authenticated by origin server(s).
If you use log_mime_hdr (as you did) then every tiny detail of the
request and reply is logged, and you can extract anything from it that
is available in HTTP:
* User names + passwords to HTTP servers where Basic authentication is
used.
* User names + passwords used to authorize use of the proxy
* Cookies
* Browser model
* Language settings
* What type of objects they got
* When those objects was last modified
* Type of web server used to host the object
* The time on the origin server
and a lot more.
The following perl fragment can be used to convert Basic HTTP
authorization information to plain text:
#!/usr/bin/perl
$encoded = $ARGV[0];
$encoded =~ tr#A-Za-z0-9\`/# -_=#; # convert to uuencoded
format
$len = pack("c", 32 + 0.75*length($encoded)); # compute length byte
print unpack("u", $len . $encoded); # uudecode and print
You may want to change the password for thanxion@www.trenchcoat.com
which was encoded in your previous post, and therefore publically
published on the Internet.
-- Henrik NordstromReceived on Sat Oct 02 1999 - 06:44:32 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:48:41 MST