I see. Do you think the design where cookies were used to keep track of
per-user authentication details at client browser is a feasible and good
design?
-------- Original Message --------
From: Henrik Nordstrom <hno@squid-cache.org>
To: Chin Kah Yi <kahyi@kkipc.com>
CC: Henrik Nordstrom <hno@squid-cache.org>, squid-users@squid-cache.org
Subject: Re:[squid-users] transparent proxy with authentication
Date: 28/10/2005 19:14
>
>
> On Fri, 28 Oct 2005, Chin Kah Yi wrote:
>
>> I see. but if it is transparent proxy via wccp, how would the IP
>> based access control scheme work on bluecoat as bluecoat wouldn't be
>> inline to do access control and depending on cisco router?
>
>
> It is inline for HTTP traffic. The proxy can do whatever it likes with
> the HTTP traffic.
>
> What these schemes usually does is to redirect requests coming from an
> address not known to the proxy to a local login page, where a
> successful login registers the account for that IP and the user is
> then redirected back to the page he originally requested.
>
> There is also another possible scheme using a combination of this and
> cookies. This provides per-user authentication but basically floods
> the browser with new cookies.
>
> Regards
> Henrik
>
Received on Fri Oct 28 2005 - 07:42:56 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Nov 01 2005 - 12:00:05 MST