Hi,
thank you for your answer. Unfortunately, i told them the same but they
don't seem to give a damn about my complains.
What i don't understand is what (without any special squid configuration) it
works with some workstations (Win$) and some not at all(MacOs/Linux).
Can you tell me more about the X-Forward and the use of it in this particular
bad case ?
Le Mercredi 22 Janvier 2003 14:27, vous avez écrit :
> Laurent HENRY wrote:
> > hi,
> >
> > i come back on an old topic i found in the archives of the mailing
> > list, a thread named "Passthrough TCP/IP address".
> > I'm facing exactly the same problem now and i don't know how to resolve
> > it.
> >
> > Some of the client of my network need to connect to a website using an IP
> > address access lists (for a paying subscription).
> > My clients can't have Internet access without the proxy, so i can't give
> > them direct access to the site and bypass the squid as told in the
> > thread. The foreign webserver wants to see the IP of the client and only
> > get the IP of my proxy, so they are refused.
> > Can i configure the proxy to make something resolving the problem ?
> >
> > This case is very hard to understand for me because some client systems
> > seems to actually pass through and some not;this without any action from
> > me...
>
> Tell the remote server (service), to look at the X-Forwarded-for
> field in the http request send by out.
> Usage of this header is controlled in squid.conf.
>
> Anyway, we were faced with similar problems in the past : modern
> webserver will use authentication based upon usernames/password etc.
>
> Why , because i a higher level application should use high level
> authentication schemes (tell them that :-).
>
> IP in the current internet world is being hacked-around all the time,
> NAT-ing , routers+NAT, Firewall-NAT , etc. can make in this world
> that any ip address can 'represent' many hosts.
>
> So they are simply implementing poor auth. schemes,...
>
> M.
Received on Wed Jan 22 2003 - 06:40:34 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:47 MST