Re: [squid-users] Authenitication with http_accel mode

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Wed, 19 Sep 2001 23:28:28 +0200

Alexis Bosson wrote:

> I'd like to know if squid can use ACLs in http_accel mode, to authenticate
> users who can access from the internet to a specific server of the company.

Yes, but the feature is somewhat hidden so only the ones really needing
it finds it. This because it can cause serious proplems for people who
are running interceping proxies. Look in client_side.c and you shall
find.

> If it can do this, can it also pass the authentication request
> (login+password) to the web server?

It does by default, unless the request is received as a authenticated
proxy request.

The rproxy branch extends this with a couple of variants, plus the
ability to manage proxied requests without double authentication. See
http://squid.sourceforge.net/rproxy/. This branch also makes the
accelerator authentication significantly more visible while still
protecting people who run intercepting proxies from stupid mistakes, and
simplifies complex accelerator setups greatly.

--
Henrik Nordstrom
Squid Hacker
Received on Wed Sep 19 2001 - 16:06:39 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:18 MST