Re: [SQU] Limitations from bbarnett@dont-contact.us on 2001-01-29 (squid-users)

From: <bbarnett@dont-contact.us>
Date: Mon, 29 Jan 2001 07:48:26 -0500 (EST)

On 28-Jan-2001 Robert Collins wrote:
> For the URL checking, you can use a perl redirector, and send the user to an
> access denied page on your LAN if the URL is not valid
> for them...
> You could use squid's internal URL checks, but they won't be updated in
> realtime.
>
> Squid does the following for external redirectors:
> recieve the requests,
> See If it passes the http_access lines (here is where your perl authenticator
> is called on the users first request).
> if it passed, squid then calls the redirector program, passing it the
> username as one of the parameters.
>
> So you need a perl authenticator, and a perl redirector. The authenticator is
> not passed the url, which is why you need two
> programs.
>
> Rob
>

Reading such things brings to my mind some ponderings that have been sitting
there. When using redirectors, the following setup could come in handy :

- receive the request
- see if it passes the http_access lines (here is where your perl authenticator
- if it passed, squid then calls the redirector program, passing it the username

At which point its up to the redirector, and you tell squid "OK" or a different
url to use. What would be helpful is :

- redirect examines the url
- redirect replies with OK, URL, or MORE
- if squid gets MORE, then squid grabs the url, caches it and passes it to the
redirector
- the redirector examines the http code
- the redirector then replies with OK or another url
- if OK is given, the force-cached web page is passes to the client

This would enable a more in depth examination of the URL if you are so
inclined. Since SQUID is a caching proxy already it seems that the caching
part is easy enough. Since the redirector is already written, it seems simple
enough. I'm just wondering if anyone has thought of this, if a patch exists,
or if anyone has any ideas how difficult this would be to implement. I'm not a
wiz with C, but I can get by if I have a pointer or two...

Thanks for any help!

---
                                     Dynamic Hosting
                                   http://www.L8R.net/             
                      "We Provide Static Hostnames for Dynamic IP's"
--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html

Received on Mon Jan 29 2001 - 06:00:38 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:57:37 MST