sean.upton@uniontrib.com wrote:
> Since basic auth is just a header, there is a question as to whether or not
> this header info is stripped in the request as it is sent by Squid to the
> back-end web servers in accel mode, provided you are not caching... Any of
> the gurus out there know if this is possible?
It is currently passed on as it is. In the rproxy branch
<http://squid.sourceforge.net/rproxy/> a few other alternatives is
introduced.
> More specifically, I would want to:
> - Initially authenticate via challenge from Squid
For this you need to enable authentication in accelerator mode. See
client_side.c or the rproxy branch mentioned above.
> - Rest of session: both squid and app server on back-end evaluate the same
> basic auth header info
They do, unless you use rproxy and select to send some other credentials
to the backend, such as all users having a static password and an
optional prefix on their user name, or even a static backend login
shared by all users, or no backend login at all.
> - (optionally) figure out a way to do basic auth login via an html web-form
> instead of a default browser dialog (that is, prempt the auth challenge
> response, even if this only can be done via client-side scripting on capible
> browsers).
Where do you find information on how to script the browser challenge
response? Did not know browsers could do such things..
-- Henrik Nordstrom Squid HackerReceived on Wed Sep 19 2001 - 16:17:11 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:18 MST