Henk-Jan Kloosterman wrote:
> I think with optin A and B you somehow "foreward" the username from the
> authenticator?
> How can I do that? If I use cache_peer login I thougt the username and
> password must be fixed?
> I think I paid not enough attention in Kindergarten, Cause I cannot find it
> :-(
From the current (Squid-HEAD) cache_peer documentation:
use 'login=user:password' if this is a personal/workgroup
proxy and your parent requires proxy authentication.
Note: The string can include URL escapes (i.e. %20 for
spaces). This also means that % must be written as %%.
use 'login=PASS' if users must authenticate against
the upstream proxy. Note: To combine this with
proxy_auth both proxies must share the same user
database as HTTP only allows for one proxy login.
Also be warned that this will expose your users proxy
password to the parent. USE WITH CAUTION
use 'login=*:password' to pass the username to the
upstream cache, but with a fixed password. This is meant
to be used when the peer is in another administrative
domain, but it is still needed to identify each user.
The star can optionally be followed by some extra
information which is added to the username. This can
be used to identify this proxy to the peer, similar to
the login=username:password option above.
> Somehow use the "authenticate" username (f.e. hjkloosterman) put this in a
> script or url.
Which is the job of a redirector in Squid.
> Logon to the server using a static (secret) usename+password.
Which can be done by the login= cache_peer option if the server is
defined as a cache peer, or if not defined as a cache_peer by a
redirector by adding the login information to the URL
(http://login:password@host/...).
With the cache_peer approach you also have the options discussed above
in preserving all or part of the login information.
-- Henrik Nordstrom Squid HackerReceived on Wed Jun 27 2001 - 10:33:57 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:00:51 MST