Re: [squid-users] maybe I can use proxy_auth with interception if ....

From: Lucas Brasilino <brasilino@dont-contact.us>
Date: Fri, 28 Feb 2003 14:07:40 -0300

Hi Henrik:

>
> There is no such thing as a "login session" in HTTP, and if it was it
> would certainly not span multiple web sites..
>
> The only reason why you do not see a login box in each and every request
> is because your web browser is smart and assumes that if login was
> required for one request to the web site (or proxy in case of proxy
> authentication) then it will also be required for the next request to
> the same web site (or proxy in case of proxy authentication) and assumes
> the same login+password should be used again there as well.
>
>
> A typical chain of events for a web site requiring authentication:
>
> < GET /
>
>>401 Unauthorized
>>
>
> < GET /, Authorize=login:password
>
>>200 OK
>>
>
> < GET /images/something.gif, Authorize=login:password
>
>>200 OK
>>
>
>
> And from this I think it is obvious that the browser has to ask again
> before sending the same login:password to another web site..
>
>
        I see... but I think I wasn't clear. I gonna make some experiments

around here and give you a feedback.

regards.

-- 
[]'s
Lucas Brasilino
brasilino@recife.pe.gov.br
http://www.recife.pe.gov.br
Emprel -	Empresa Municipal de Informatica (pt_BR)
		Municipal Computing Enterprise (en_US)
Recife - Pernambuco - Brasil
Fone: +55-81-34167078
Received on Fri Feb 28 2003 - 10:08:12 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:45 MST